Are the different types of SSL certificates a bit of a scam?
I'm looking into getting a few SSL certificates for domains to cover the following:
autodiscover.example.com
remote.example.com
www.example.com
Wildcard certificates are too expensive, so I'm going to purchase a single certificate for each subdomain (I have enough IP addresses to go around).
My question is, what makes a certificate better than a 0 certificate?
Take, for example, the GeoTrust product range. I know what an EV is (don't need it), and I know what a Secure Seal is (our users trust us already, so don't need that).
But why would I go for a QuickSSL for when I can get a RapidSSL for ? The only difference is "Brand Recognition" (Moderate to Medium) and insurance.
Can anyone spread any light on what they mean by "Brand Recognition"? Our public website is already well trusted by our users, and the other two subdomains are just for Outlook Anywhere (and thus won't be displayed in a browser).
Re-posted relevant question from serverfault.com/questions/82039/difference-between-ssl-products
6 Comments
As of mid-2015, I haven't found any independent studies, or even anecdotal evidence, that EV certificates would increase conversion rate or sales. I've expanded on that in my answer to EV SSL Certificates - does anyone care?.
What did seem to decrease shopping cart abandonment was trust seals and badges. Such trust seals do come with the purchase of an EV. Incidentally, today is the 4th of July and Comodo has a sale of EV certs for 0 instead of 0, which prompted this research. I'm still not entirely convinced one way or the other.
There's also the issue where some browsers pick out a lot of perfectly fine SSL certificates and mark them as potentially unsafe. This is due in part around what Darryl said (increased diligence on the part of the SSL vendor to confirm who you are). It's not that the security itself is really any different, it's just intended to provide a better layer of trust.
There's also things like management capability (I can issue and re-issue certs to my heart's content without delay, which has been very handy when domain names suddenly become different), and other perks which can improve your experience. But if the version does what you need, and your customers don't care who the cert is from, then go for it.
As time goes on you may find that you're changing vendors simply because the landscape of your web presence is changing, so considering that now before you start is important.
"My question is, what makes a certificate better than a 0 certificate?"
Typically the more expensive the certificate the older the certification company is. Since the list of trusted signers ships with the browser, certificates from newer companies may not be trusted by old browsers.
For example, maybe a certificate isn't trusted by IE5.
But that's about it.
I asked the same thing of DigiCert the other day: why are a lot of certificates so much cheaper than yours (~ vs ~0 per year)? Here is the answer they gave me (in my words):
The other companies only verify your domain name (that the person
getting the certificate owns the domain name) whereas DigiCert (and
others) verify the company behind the domain name.
This means they need to check the corporate registry in your country to verify that your company exists and that you are related to the company somehow. This often also requires a phone call and some other checks. Without this check, all that is required is a computer to verify the whois record with the information entered.
So, in my assessment, if you're going to be using the certificate on a site where the customer is paying for something or entering their personal information, then a more expensive certificate is better. If you're just using the site internally (within the company) then a cheaper certificate is probably all you need.
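The domain-only versus company-verified distinction described in the answer above is recorded in the certificate itself: CAs following the CA/Browser Forum requirements place a policy OID in the certificatePolicies extension, and only organization-validated certificates carry an O= field in the subject. The following is an added example, not from the thread, using the Python `cryptography` package; the self-signed sample certificates, the name `Example Ltd` and the helper function names are constructed for illustration.

```python
import datetime
from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID

# CA/Browser Forum policy OIDs that a CA places in certificatePolicies.
CABF_LEVELS = {
    "2.23.140.1.2.1": "DV (domain control only)",
    "2.23.140.1.2.2": "OV (organization verified)",
    "2.23.140.1.1": "EV (extended validation)",
}

def validation_level(cert):
    """Return the validation level a certificate claims via its policy OIDs."""
    try:
        policies = cert.extensions.get_extension_for_class(x509.CertificatePolicies).value
    except x509.ExtensionNotFound:
        return "unknown (no certificatePolicies extension)"
    for info in policies:
        level = CABF_LEVELS.get(info.policy_identifier.dotted_string)
        if level:
            return level
    return "unknown (no CA/Browser Forum policy OID)"

def subject_organization(cert):
    """Organization name in the subject, or None (DV certificates carry none)."""
    attrs = cert.subject.get_attributes_for_oid(NameOID.ORGANIZATION_NAME)
    return attrs[0].value if attrs else None

def make_sample_cert(common_name, policy_oid, organization=None):
    """Constructed self-signed sample; a real CA sets these fields at issuance."""
    key = ec.generate_private_key(ec.SECP256R1())
    attrs = [x509.NameAttribute(NameOID.COMMON_NAME, common_name)]
    if organization:
        attrs.append(x509.NameAttribute(NameOID.ORGANIZATION_NAME, organization))
    name = x509.Name(attrs)
    now = datetime.datetime.now(datetime.timezone.utc)
    policy = x509.PolicyInformation(x509.ObjectIdentifier(policy_oid), None)
    return (x509.CertificateBuilder().subject_name(name).issuer_name(name)
            .public_key(key.public_key()).serial_number(x509.random_serial_number())
            .not_valid_before(now).not_valid_after(now + datetime.timedelta(days=30))
            .add_extension(x509.CertificatePolicies([policy]), critical=False)
            .sign(key, hashes.SHA256()))

if __name__ == "__main__":
    for c in (make_sample_cert("remote.example.com", "2.23.140.1.2.1"),
              make_sample_cert("www.example.com", "2.23.140.1.2.2", "Example Ltd")):
        print(c.subject.rfc4514_string(), "|", validation_level(c), "| O =", subject_organization(c))
```

To inspect a real certificate, load it with `x509.load_pem_x509_certificate(pem_bytes)` and pass the result to the same two functions.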
"My question is, what makes a certificate better than a 0 certificate?"
The answer is nothing. A cert is a cert is a cert (since you don't care about "Brand Recognition"), so without EV packages a cert is just a commodity. This explains the history quite nicely.
I do think, however, that brand recognition could be important to some users, but if you are certain you are a trusted source, then I wouldn't worry about it.