SSL Certificate. Does it matter which one I use?

9 replies
  • ECOMMERCE
  • |
Maybe I am overthinking this but there are a million options, with prices from $10 - $1000.

From the merchant point of view, what should I look for in options?

Then from the customer point of view, has anyone tested different ones? For example, the VeriSign logo is very familiar to me as a customer. I don't recognize any other ones and some look cheap and homemade. Then if you get options like the green address bar, it gets really expensive.

Maybe it doesn't matter and I should just pick any one?
#certificate #matter #ssl
  • Profile picture of the author lotsofsnow
    It does not really matter.

    The main thing is that you have a secure connection. If the company that delivers the secure connection is recognized my many of your customers it's an added bonus.
    Signature

    Call Center Fuel - High Volume Data
    Delivering the highest quality leads in virtually all consumer verticals.

    {{ DiscussionBoard.errors[8581880].message }}
  • Profile picture of the author Deskpops
    It can matter a liitle depending on how your customers access your site. I see a lot more Google warnings about a "certificate from an untrusted authority" with free and cheap SSL Certs when the user visits on Android, especially pre-4 versions.

    If you don't get a lot of Android traffic, it matters less. Most are good. Digicert is probably trusted across more browsers and browser versions than any other, and you pay for it royally. I usually buy GeoTrust (or RapidSSL if there's very little budget).

    Check with your hosting company too. I once had an account with a host that gave me a free GeoTrust cert.
    Signature

    Jeff
    ---
    Jeffrey Smith
    LightCues Affiliate Program

    {{ DiscussionBoard.errors[8582036].message }}
    • Profile picture of the author Giftys
      Originally Posted by Deskpops View Post

      It can matter a liitle depending on how your customers access your site. I see a lot more Google warnings about a "certificate from an untrusted authority" with free and cheap SSL Certs when the user visits on Android, especially pre-4 versions.

      If you don't get a lot of Android traffic, it matters less. Most are good. Digicert is probably trusted across more browsers and browser versions than any other, and you pay for it royally. I usually buy GeoTrust (or RapidSSL if there's very little budget).
      Thanks deskpops! I learned something new today. I have, in fact, been seeing more of those Google certificate warnings and was wondering why. I'll now be improving our certificate type on one of our websites.
      Signature

      WWJD

      {{ DiscussionBoard.errors[8582567].message }}
    • Profile picture of the author Kingfish85
      Originally Posted by Deskpops View Post

      It can matter a liitle depending on how your customers access your site. I see a lot more Google warnings about a "certificate from an untrusted authority" with free and cheap SSL Certs when the user visits on Android, especially pre-4 versions.

      If you don't get a lot of Android traffic, it matters less. Most are good. Digicert is probably trusted across more browsers and browser versions than any other, and you pay for it royally. I usually buy GeoTrust (or RapidSSL if there's very little budget).

      Check with your hosting company too. I once had an account with a host that gave me a free GeoTrust cert.
      The ONLY time you'll see this message is when using a self signed SSL. If you purchase an SSL Cert that is issued for your domain, you will not see any errors unless there's insecure content on the page or the cert is installed wrong.
      {{ DiscussionBoard.errors[8583811].message }}
      • Profile picture of the author Deskpops
        Actually, I used to think that, but I've seen that it's not always true. I was about to pull my hair out for a month getting warning messages from Android's browser on a phone running 2.2.1, but nowhere else. Once I changed from a cheap SSL to GeoTrust, they all went away. Android and some versions of Chrome are notorious for false "untrusted" messages. You can even find screenshots of folks who got the message from when going to a Google-owned site...pretty funny.
        Signature

        Jeff
        ---
        Jeffrey Smith
        LightCues Affiliate Program

        {{ DiscussionBoard.errors[8584129].message }}
        • Profile picture of the author VevoCart
          If you are building a site and expect visitors to recognize the SSL brands to assure visitors, you can go with higher price providers such as Verisign.

          or

          If you simply wish to have the protection and don't concern about the brand awareness, you could go with the cheaper alternatives
          {{ DiscussionBoard.errors[8584341].message }}
          • Profile picture of the author LauraSmith
            Only matters that the one you are using should be from the trusted Certification Authorities such as Symantec, Comodo, RapidSSL, Geotrust, Thawte etc. because the certification from such brands are acceptable by all modern browsers and all this top level CAs SSL certificates are also available at cheap price from the re-sellers than the CA itself.
            {{ DiscussionBoard.errors[8626647].message }}
  • Profile picture of the author andrewc5
    I don't think it matters....I used the cheapest ones I could find.
    Signature
    {{ DiscussionBoard.errors[8583907].message }}
  • Profile picture of the author skn1993
    It does matter.On many desktop / mobile browsers they do not recognize SSL Certificates from companies that are less known & it ends up showing the "untrusted.."message , but when it comes to a user the only thing the 90% of them look at is the https with the green bar ie. the EV SSL. But the 10% of them do take a look at the SSL Certifier.
    {{ DiscussionBoard.errors[8679729].message }}

Trending Topics