School me on SSL

[mikelowrey]

Gang,

Been looking at SSL, but there is so many options, I am lost. What would you recommend and why? what price is a good price?

Thank you.

 

[rdn]

Domain Validation is good enough for most needs: https://www.gogetssl.com/domain-validation/

 

[rafass]

https://cheapsslsecurity.com/
Comodo $4.99 bucks / year. Recommended.
A+

 

[rdn]

https://cheapsslsecurity.com/
Comodo $4.99 bucks / year. Recommended.
A+

If you purchase 3 year plan
Still $8.95 per year

Edit: Actually they are really cheap

 

[Zynektic]

I've been told by three hosts to ignore Comodo and get RapidSSL - any idea why?

(I do run RapidSSL instead of Comodo from namecheap.com)

 

[Sheratan]

I have use alphassl, comodo, rapidssl and startssl. All class 1 domain validation.

No problems so far.

 

[rafass]

If you purchase 3 year plan
Still $8.95 per year
Edit: Actually they are really cheap

Wooops, you're right, btw, I've purchased my SSL certificates there but using coupons.
I can not remember the coupon, but searching in google there are many sites that have.
the price in the end is $4.99 / year (Using coupon) paying each year

 

[mikelowrey]

Any major difference between them or is it just the different names? I noticed that some does not offer the green address bar(usually cost a bit more) is that just basically for the user to have more trust?

 

[Anthony Parsons]

What you need to look for with SSL is whether or not they work correctly across mobile platforms. Many don't, many do. You can spend $10 on one that works fine across 95% of browsers and OS nowadays. There is no requirement to spend large sums, to be perfectly honest, not for simply securing your domain for user security.

If you want to validate your organization or extended validation... they're more expensive. Some good FAQ's on this subject at https://www.namecheap.com/support/knowledgebase/category.aspx/38/ssl-certificates-faq)

 

[m1ne]

Cloudflare offers it for free.

 

[ibnesayeed]

Let's Encrypt is promising to arrive by mid of this year which is almost here and they seem to be making good progress. They introduce themselves as, "Let’s Encrypt is a new Certificate Authority: It’s free, automated, and open."

 

[rafass]

I've uninstalled my SSL yesterday and I'm using the certificates of Cloudflare only.
Cheap certificates don't allow wildcard .* (sub-domains)
Wildcard certificates are very expensive, around $100 but some times there are "offers" between $40-$50 bucks
Example:



BUT With Cloudflare, exactly the same is Absolutely FREE!

Let's encrypt looks really promising.

Seems this is the end of the expensive SSL certificates.

 

[rdn]

BUT With Cloudflare, exactly the same is Absolutely FREE!

And is limited to modern browser only .

 

[rafass]

You're right

Universal SSL uses Server Name Indication (SNI) certificates using Elliptic Curve Digital Signature Algorithm (ECDSA). SNI and ECDSA certificates work with the following modern browsers:

Desktop Browsers installed on Windows Vista or OS X 10.6 or later:

Internet Explorer 7
Firefox 2
Opera 8 (with TLS 1.1 enabled)
Google Chrome v5.0.342.0
Safari 2.1
Mobile Browsers

Mobile Safari for iOS 4.0
Android 3.0 (Honeycomb) and later
Windows Phone 7
Note: If you need more compatibility with older browsers/operating systems, such as Windows XP and Android 3.0 and earlier, please check out our Pro, Business, or Enterprise plans.

https://support.cloudflare.com/hc/en-us/articles/203041594-What-browsers-work-with-Universal-SSL-

 

[ibnesayeed]

Let's encrypt looks really promising.

Seems this is the end of the expensive SSL certificates.

Let's Encrypt will only provide Domain Validated SSL Certificates (DV SSL) which will be enough for most cases, but if Extended Validation of entity is required then the traditional route will be taken. So I won't call it the end of expensive SSL, instead I would say it brings the basic SSL to everyone's reach and that is awesome.