Welcome to WebmasterWorld Guest from 220.127.116.11
Forum Moderators: buckworks
I used to be able to get an SSL cert for $95 that would of course allow for verification of a secure connection and provide the company name and address if a person happened to view the certificate details by clicking on the Lock in the corner. Now that same certificate (now called True BusinessID) costs $249. Verisign is higher yet and thawte is a little bit lower at $199.
Geotrust also provides a QuickSSL cert for $139 but it does not give all the details of the business when someone clicks on the lock to get information, but just the URL (from what I understand from the conversation I had with them).
I thought there had to be lower priced SSL certs that were of high quality and offered the same features as the True BusinessID from GeoTrust or Thawte, both of which provide the indication of a secure transaction and the business information.
I found 2 sites that sell certs: [instantssl.com...] and [qualityssl.com...] and both sell them for considerably less at $69 a year. Has anyone dealt with these 2 SSL certs sites? Are their certs equal in features and quality to the other 3 companies?
Looking for feedback...
What I want to know is if anyone else has tried these companies and if so, what did you think. I thought with the readership here, someone would have some first hand experience. Heck, if we only went with well known sources, nobody would have even tried “Thawte SSL's” when they were small and unknown just a few years ago. They used to be priced more cheaply until they “GOT WELL KNOWN”. Same holds true with GeoTrust (formerly Equifax SSL certs)--they were not known until they got some of the pie and decided to raise their prices.
What I'm looking for is helpful feedback about the companies and user experiences (if anyone has any). I'm hoping someone has already given them a try and can provide some feedback.
Anyone know of other good low priced solutions? It's time the big boys had some competition like with the domain name registration and Network Solutions. At one time we were paying $50 a year, then $35, then $25. Now we can get them for $15 or less (or even $6.95) per year. Verisign and Thawte (Thawte is owned by Verisign) has ripped us off for long enough. It's time we let them know that the service is not worth much more than $80 initially and only about $40/year thereafter if even that.
Yeah I hate that little lock too--sure doesn't tell the truth many times. The system was broke before it was forced upon us.
LOL, that's not what I meant. The system itself is actually as close as it even comes to being perfect.
It's just the chances of a payment info being stolen in the process of a transmission are so low that it's not even worth mentioning.
But hey, since Joe Average User says he wants to see a lock - we must all get one :)
It's time we let them know that the service is not worth much more than $80 initially and only about $40/year thereafter if even that.
Actually, technically it's nothing compared to domain registry in terms of required resources.
The most expensive part of the system is (at least should be) the authentication of an applicant.
So I would say $80/$40 sounds just right.
After all, theoretically, I could start issuing certificates tomorrow. It's just a matter of establishing enough authority so that the browser (and other ssl apps) vendors would start including me in the root list by default.
But hey, most people don't even have a clue about the authentication part of the whole SSL deal.
A few weeks ago I talked to one sales rep at a cc processor and he was convinced that if I bought my own certificate - it would be somehow illegal or at least illegitimate. And the only "right" way to do it was to redirect people to their servers with their own certs. I was too tired to explain him his stupidity, but that pretty much shows where most people stand as far as SSL goes.
And Verisign (and others) are not about to let go of such a cash cow any time soon.
I'm way too lazy to check what is required to get into the SSL business, but I'm sure they made it as hard as possible.
Even when a new SSL authority has done the hoop jumping, it's still hard to overcome the older browser limitations because the older browsers do not recognize the new certs authority on the authority records for legit certs providers.
That was one of the major hurdles with GeoTrust (formerly Equifax). I talked with a technician from Equifax back in early 2001 and from the lengthy explanation, it sounded like a nightmare to break into and he saw it from the inside. Also Verisign had some part in qualifying the newly established authority before they became an authority which by design makes it that much harder to break into. The way it was explained to me then (and the details are kinda fuzzy now) sure sounded complicated to be in that business. Perhaps there is some sort of monopoly strangle-hold and we need to break them to allow more competition.
But once Equifax gained enough recognition, GeoTrust took over, jacked up the prices and now they are not any better than thawte in terms of pricing equivalent certs. We just need more alternatives.
I still say the system is already broken from a competition entry standpoint. It should be easier for competitors to break into the market and Verisign should not have any say so over who gets in, but they do--again that's why it's broken. Also, the browsers need to be set up to accept “certificate authority updates” of legit authorities so that all browsers are current even if the browser software is older--the other thing that makes the system broken.
In some respects, this certs thing is somewhat of a scam and Verisign should never have had that much control in the first place.
BTW, I know it's nothing like domain name registration. I was only using it as an example where competition caused prices to drop dramatically. It's like having certs costing about $60-$80 initial fee and renewals costing about $40 instead of costing $200-$400 initial fees and almost that much to renew. It's a rip-off business when you think about what you are getting.
A few weeks ago I talked to one sales rep at a cc processor and he was convinced that if I bought my own certificate - it would be somehow illegal or at least illegitimate. And the only "right" way to do it was...
hahaha, sometimes sales reps are so ignorant and Joe Average knows less than what they know. In fact we don't even need their paid certs to make a secured connection. However, the browser won't recognized that as legit and will throw up warnings like you said. What a pain.
...OK back to the question... Any more certs authorities that are good to work with?
They sure mess with us on pricing, but it's cool if I can get one there for that price. Thanks for the info.
Evidently with Certs ordering you can also get a verification seal. The verification seal is what made the True BusinessID cost more. Most people only get the cert by itself which is $139/year. It's still more than InstantSSL certs of comparable quality and Geotrust certs use to be $95/year.
After doing more research, I also find that the parent company of InstantSSL (Comodo Group) is actually the 3rd largest provider of certs. It's just not as widely publicised as Verisign or Thawte. And in other forums, I am finding Comodo (aka InstantSSL) being well thought of by a couple other people buying their certs saying that service was good. Pricing starts at $49/year for certs which is equal to the cert price at RackShack.
RackShack struck a deal with Geotrust to get a bulk savings (called them about it). For how long they are able to offer that deal, I don't know nor do I know if the renewal price would still be $49/year or at the regular $99/year. And that's the research into Certs and pricing (there's more but that's the main points).
The one problem is that they sell certs which are not root trusted directly but this just means you have to install an extra key bundle in your web server software and full instructions are given plus their support have been very responsive when I have dealt with them.
We looked at Geotrust briefly after Thawte put their prices up.
For those who don't know much about secure certs they are free to issue and anyone can do it the only problem is that unless the issuer is trusted users visiting the site will see a message warning them of this fact. The issuers provide a service whereby they check you are who you say you are before they issue you a certificate.
But I don't see too much point in this they seem to think it establishes trust but just because a company can prove they exist there is no reason to say that they should be trusted.
With Comodo we have defiantely found a good partner, they have a great price and good service and support.
Just my 2p