: Are the different types of SSL certificates a bit of a scam? I'm looking into getting a few SSL certificates for domains to cover the following: autodiscover.example.com remote.example.com www.example.com

@Yeniel560

As of mid-2015, I haven't found any independent studies, or even anecdotal evidence, that EV certificates would increase conversion rate or sales. I've expanded on that in my answer to EV SSL Certificates - does anyone care?.

What did seem to decrease shopping cart abandonment was trust seals and badges. Such trust seals do come with the purchase of an EV. Incidentally, today is the 4th of July and Comodo has a sale of EV certs for 0 instead of 0, which prompted this research. I'm still not entirely convinced one way or the other.

Vote Up Vote Down

@Hamm4606531

There's also the issue where some browsers pick out a lot of perfectly fine SSL certificates and marks them as potentially unsafe. This is due in part around what Darryl said (increased diligence on the part of the SSL vendor to confirm who you are). It's not that the security itself is really any different, it's just intended to provide a better layer of trust.

There's also things like management capability (I can issue and re-issue certs to my hearts content without delay, which has been very handy when domain names suddenly become different), and other perks which can improve your experience. But if the version does what you need, and your customers don't care who the cert is from, then go for it.

As time goes on you may find that you're changing vendors simply because the landscape of your web presence is changing, so considering that now before you start is important.

Vote Up Vote Down

@Sent6035632

"My question is, what makes a
certificate better than a 0
certificate?"


Typically the more expensive the certificate the older the certification company is. Since the list of trusted signers ships with the browser, certificates from newer companies may not be trusted by old browsers.

For example, maybe a certificate isn't trusted by IE5.

But that's about it.

Vote Up Vote Down

@Samaraweera270

I asked the same thing of DigiCert the other day: why are a lot of certificates so much cheaper than yours (~ vs ~0 per year)? Here is the answer they gave me (in my words):


The other companies only verify your domain name (that the person
getting the certificate owns the domain name) whereas DigiCert (and
others) verify the company behind the domain name.


This means they need to check the corporate registry in your country to verify that your company exists and that you are related to company some how. This often also requires a phone call and some other checks. Without this check, all that is required is a computer to verify the whois record with the information entered.

So, in my assessment, if you're going to be using the certificate on a site where the customer is paying for something or entering their personal information, then a more expensive certificate is better. If you're just using the site internally (within the company) then a cheaper certificate is probably all you need.

Vote Up Vote Down

@Murray432

"My question is, what makes a certificate better than a 0 certificate?"

The answer is nothing. A cert is a cert is a cert (since you don't care about "Brand Recognition"), so without EV packages a cert is just a commodity. This explains the history quite nicely.

I do think, however, that brand recognition could be important to some users, but if you are certain you are a trusted source, then I wouldn't worry about it.

Vote Up Vote Down

@Bethany197

I think cartel is the word you are looking for

Vote Up Vote Down