Mobile app version of vmapp.org
Login or Join
Bethany197

: What are the benefits of a more expensive SSL certificate? I've been comparing prices of different SSL certificates and found a massive difference in prices between different providers. If we

@Bethany197

Posted in: #Https #SecurityCertificate

I've been comparing prices of different SSL certificates and found a massive difference in prices between different providers.

If we take www.namecheap.com/learn/other-services/ssl-certificates.asp as an example, what would be the advantage of going for the Geotrust certificate for .88/year over the RapidSSL .95/year option?

10.04% popularity Vote Up Vote Down


Login to follow query

More posts by @Bethany197

4 Comments

Sorted by latest first Latest Oldest Best

 

@Radia820

I'll just add a comment about ecommerce standard requirements which often comes up.

As long as a SSL cert is current and at least 128bit (and pref using TLSv1.1 which will be required by 2018) then it is acceptable by Australian PCI-DSS standards (ecommerce), and most ecommerce standards elsewhere, though you would need to check with your local standards body.

And of course, if it is from a trusted CA (Versign,Comodo,LetsEncrypt,Cloudflare,CAcert,Starcom,Wosign etc.) then the browser automatically accepts it without requiring confirmation.

10% popularity Vote Up Vote Down


 

@Fox8124981

There no more difference between both GeoTrust and RapidSSL because there are common purpose for secure your website data by SSL Certificate.

But RapidSSL is for entry level website certificate and GeoTrust is for make a confidence to customer that their data is secure under ssl certificate.

When you buy it from official site it is very expensive but if you choose from reseller than you get same ssl certificate @ very low prices.

10% popularity Vote Up Vote Down


 

@Murray432

In terms of security there isn't any difference.

What you really buy is the certification's company verification that persuades your customers you are trustworthy. That is why Verisign sells the same services for x10 the amount of others.

Also in higher-priced certificates there is an extra level of verification (where you need to send company verification documents, there is a check for the domain owner if the credentials match etc). And usually they give you a fancier banner to put on your website.

There are also the Extended Validation Certificates (EV) where most browsers make the address bar green and clearly identify your website/company.

10% popularity Vote Up Vote Down


 

@Voss4911412

A few things. In theory, the better and more expensive SSL providers are supposed to validate who you are in some way and vouch for your identity. This takes time and manual effort and thus costs more.


Traditionally manual validation (as used by VeriSign, Thawte, Entrust) has been cumbersome, long winded and expensive for the SSL Provider and therefore the purchaser. Automated validation (as used by GeoTrust and GoDaddy) is faster and more cost-effective, yet does not provide the level of assurance expected by consumers relying on SSL - For example GeoTrust's QuickSSL Certificates only validate the applicant's right to use a domain name and not the legitimacy of the company itself.


There's also some crazy new type of SSL cert which does "extended validation" and is much MUCH more expensive.
www.verisign.com/ssl/ssl-information-center/ev-ssl-certificate/index.html

An EV SSL Certificate gives customers more confidence that they are interacting with a trusted Web site and that their information is secure. An EV SSL Certificate triggers high-security Web browsers to display your organization’s name in a green address bar and show the name of the Certificate Authority that issued it.


The cheaper SSL providers do little to no validation of identity which may or may not matter to you (or your users).

Honestly, when we use SSL it's for the encryption, not for a web of trust.

(One valid reason to pay for a more expensive SSL cert is when it's a wildcard cert so it works on all *.example.com domain websites you may ever have. The regular SSL certs are only good for one specific address.)

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme