Welcome to WebmasterWorld Guest from 23.22.220.37

Forum Moderators: buckworks

Message Too Old, No Replies

Which SSL Provider

I have narrowed it down to 4

     
10:48 am on Mar 10, 2005 (gmt 0)

Full Member

10+ Year Member

joined:Sept 24, 2002
posts:214
votes: 0


I am looking at using my site to collect customer information/orders. So I need an ssl certificate, I have narrowed it down to 4
1. Instant SSL 60 pa
2. Quick SSL 100 pa
3. Thawate 200 pa
4. Verisign 319 pa

As you can see my problem is number 1 is just the right price. What should I be looking for from and SSL certificate or is one just the same as another, why spend more?

1:39 pm on Mar 10, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 28, 2004
posts:1786
votes: 0


Geotrust is one that we usualy use. If it is providing 128bit encrpyption - that is the main thing. Then look at the browser compatibility.

-Corey

4:13 pm on Mar 10, 2005 (gmt 0)

Full Member

10+ Year Member

joined:Sept 24, 2002
posts:214
votes: 0


Instant SSL seem to do the same thing as geotrust but they are cheaper. Also the offer a warrenty system where you are inssured for purchase upto $2500 (for the level I have been looking at).

Should I be seduced by this offer of warrenty?

4:23 pm on Mar 10, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 28, 2004
posts:1786
votes: 0


You might check out ev1servers also - see if you can get the cert from them at a cheaper price.

And honestly, I have never paid any attention to the warranty part

-Corey

9:47 pm on Mar 10, 2005 (gmt 0)

New User

10+ Year Member

joined:Dec 16, 2004
posts:3
votes: 0


You should try godaddy. They have 128 SSL starting at $30 per year and they own their own root. I've always been satisfied with them.
11:19 am on Mar 11, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Mar 8, 2003
posts:89
votes: 0


I bought mine from ev1servers as a result of a recommendation here. Very pleased with it, a Geotrust Quick SSL Cert for $49 how can you go wrong? ;-)

Would have cost me $169 direct from Geotrust!

Simon.

11:32 am on Mar 11, 2005 (gmt 0)

Full Member

10+ Year Member

joined:May 11, 2004
posts:278
votes: 0


Why not to use FreeSSL (now RapidSSL). It's about $45, I've bought it -- seems OK.
3:13 pm on Mar 11, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Feb 19, 2003
posts:100
votes: 0


I've bought numerous cerificates from InstantSSL, all working perfectly well and once you've bought one, later ones are delivered within the hour!

I really can't see the point in spending any more by using another supplier.

3:55 pm on Mar 11, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:July 24, 2002
posts:1124
votes: 0


just to put in the other side of the coin.

i would never go with anyone other than verisign, or, if on a tight budget, thawte.

it obv. depends on what industry you are in, but in ours - travel - we need every confidence help we can get, and a name like verisign works wonders.

4:34 pm on Mar 11, 2005 (gmt 0)

Full Member

10+ Year Member

joined:Sept 24, 2002
posts:214
votes: 0


Thanks for all your replies, very helpful. Just another question, whats the significance of the certificate issuer owning their own route?

Why are versign so expensive, and what do they offer that the other don't?

7:28 pm on Mar 11, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:July 24, 2002
posts:1124
votes: 0


>> Why are verisign so expensive, and what do they offer that the other don't?

brand. imo, there is something reassuring for a buyer knowing he is being protected by the world's biggest ssl provider. and of all of these brands above, the chances are more likely he knows about verising than the others.

[edited for clarity]

1:48 pm on Mar 12, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Feb 19, 2003
posts:100
votes: 0


Thinking about it though, how many people actually check the certificate? I think most people just look out for the padlock and some might check the url starts with https.
11:00 pm on Mar 12, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 28, 2004
posts:1786
votes: 0


Most do not actually. But with verisign, they give you their logo to use on your website actually

-Corey

9:29 pm on Mar 13, 2005 (gmt 0)

Full Member

10+ Year Member

joined:Sept 24, 2002
posts:214
votes: 0


I think that essentially at this stage I just need a secure connection, I think that as things start to ramp up I may benifit from verisign brand, but at this stage I can't see that I will get any benefit from spending another 200.

I think that you are right about people not checking the certificate, I know that in the past I haven't. I have only just started checking as I have been looking into ssl.

Thank you for all your input.

9:38 pm on Mar 13, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:July 19, 2004
posts:178
votes: 0


We've used Thawte for about 5 years now. No problems whatsoever.
10:06 am on Mar 14, 2005 (gmt 0)

Full Member

10+ Year Member

joined:Sept 24, 2002
posts:214
votes: 0


What problems might you expect from a certificate provider.
2:31 pm on Mar 14, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 28, 2004
posts:1786
votes: 0


Some of the bigger problems is that they are not automatically installed on a browser.

For example, Verisign has already been installed on almost all the browsers out there. You can actually issue you own cert - either thru your server or thru someone like cacert.org. You will get 128bit encryption, but the cert needs to be trusted on that computer first. And the general public does not really know what this means.

-Corey

9:19 pm on Mar 14, 2005 (gmt 0)

Full Member

10+ Year Member

joined:Sept 24, 2002
posts:214
votes: 0


Is there a way to check what are the more common certificates that come installed on a browser or is that what the ssl providers mean when they say that there certificates are excepted by 99% of browsers?
11:25 pm on Mar 14, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 28, 2004
posts:1786
votes: 0


Well on IE, go to Tools - Internet Options - Content - Certificates. Here you will see what ones you have installed on your system actually

-Corey

12:06 am on Mar 15, 2005 (gmt 0)

New User

10+ Year Member

joined:Feb 23, 2005
posts:9
votes: 0


Comodo (InstatSSL) does not own their own root and GeoTrust will tell you this is a bad thing. This is only bad if Baltimore ever revokes the Comodo certificate. IMO this is unlikely.

GeoTrust has a slightly less browser installation base than the other major CAs. The main difference is that the GeoTrust certificate was not included in the IE 5.0 release, whereas most of its competitors were (Verisign, Thawte, Comodo, etc...). IE 5.0 users make up an estimated 3% of the Internet population.

I have been working on compiling CA data into a comparison web site. If you are interested, sticky note me and I will reply with the URL.

1:04 am on Mar 15, 2005 (gmt 0)

New User

10+ Year Member

joined:Mar 9, 2005
posts:15
votes: 0


You might want to check and see if your host offers a shared SSL certificate. I'm no authority on any of this...but that is how I am implementing SSL with no additional out of pocket.

Really was pretty easy...only drawback being the odd URL in the address line. (host/username/page instead of mysite/page)

Had to turn off Frontpage extensions and make sure I called all images using the [host...] path.

10:23 am on Mar 15, 2005 (gmt 0)

Full Member

10+ Year Member

joined:Sept 24, 2002
posts:214
votes: 0


Thanks for the suggestion, I have checked about a shared ssl, which my host do not provide, well they do but, it doesn't seem any cheaper then buying a certificate just for my site. (if you are comparing price with instant ssl). So I thought that I would bite the bullet and get one for our site alone, just which bullet should I bite? However this discussion is helping to make things clearer.
8:13 pm on Mar 15, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Nov 12, 2003
posts:1070
votes: 0


Verisign actually owns Thwarte, "or they did the last time I check", so I use the Thwarte logo, but have "Thwarte - A Verisign Company" below it.

This probably violates some logo license agreement and no body has bothered me on it.

However, for Joe Blow Average consumer, they just care about the padlock, and don't care or understand certificates anyways.

For us, we have one holding company, and upon checkout from our various subsiduaries (different websites), they are routed to our holding company payment gateway. That way one certificate is shared amonst all my websites.

Here is the latest market share info for the major certificate issuers.

http://www.securityspace.com/s_survey/sdata/200502/certca.html

As you can see, verisign is losing market share due to it high prices.

[edited by: lorax at 8:48 pm (utc) on Mar. 15, 2005]
[edit reason] delinked [/edit]

5:00 pm on Apr 6, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Sept 15, 2004
posts:61
votes: 0


i just started using Verisign... After my first year of operation with a quickSSL from Geotrust, which worked great.. But i think once you start getting around 300-400 visitors a day, depending on what you are selling the brand name "VeriSign" can instigate more then enough purchases to pay for itself .. I've actually had a few customer ask me "where is the verisign logo", not even knowing there was other options.. so i figured if people are asking, then the amount of visitors thinking the same thing must be expontially higher... 1000 bucks a year is really expensive, and Verisign probably isn't worth it until you are hitting the higher numbers.. But once things are rolling i think any site can quickly benefit from using it... all the other SSL's are great and recognized as well, but using verisign seems to be point most sites will eventually hit once enough sales come in..
11:04 pm on Apr 8, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Aug 3, 2004
posts:68
votes: 0


Hi Red_Eye.. you must be younger than me :)