| Posted by wannaknow, 04-04-2017, 10:58 PM | |
I am sure that this subject have been discussed here before. If it has, please kindly point me in the right direction by posting a link below.
|
| Posted by hynds, 04-04-2017, 11:46 PM | |
I found some threads may you will need
http://www.webhostingtalk.com/showth...&highlight=SSL
http://www.webhostingtalk.com/showth...&highlight=ssl
or just make a search here: http://www.webhostingtalk.com/search...archid=7625149
Good luck,
|
| Posted by BITW, 04-05-2017, 12:17 AM | |
I think Comodo is great. We are using it since 2015 and all going fine.
|
| Posted by Host4Geeks-Kushal, 04-05-2017, 12:28 AM | |
Let's Encrypt all the way!
|
| Posted by DewlanceHosting, 04-05-2017, 01:18 AM | |
If you are using cPanel then Free Comodo SSL (Provided by cPanel via AutoSSL feature) but Comodo took up-to 48 hours to 72 hours to issue a SSL and If your site is suspicious then it can be denied.
However, Let's Encrypt quickly issue SSL and there is lots of addons which allow you to instantly issue SSL for your domain.
|
| Posted by MNCHOST - Chris, 04-05-2017, 02:07 AM | |
Let's encrypt SSL is best for all website as it comes free along with cpanel plugin
Good luck .
|
| Posted by Theguruman, 04-05-2017, 02:14 AM | |
Lets encrypt, its free what more could you want!
|
| Posted by net, 04-05-2017, 02:22 AM | |
Not all people wants free :-)
|
| Posted by hostens, 04-05-2017, 02:45 AM | |
It really depends on purpose. Where you will be using SSL certificate? From security perspective all new certificates equal. For website visitors certificate is a sign of trust.
Free certificate does not build any trust because anyone can get one. However free certificate is good if you are using it either for internal usage, emails or your website is not an e-shop.
If your business depends on website visitors trust then you should consider paid certificates. For basic you could use "Comodo positive" and for advanced you could take a look at extended validation certificates like GeoTrust.
|
| Posted by IH-Jake, 04-05-2017, 04:31 AM | |
Hope you agree that the question was not a great one. If your purpose is to just access a single website over https connection then as per the suggestions a free comodo SSL offered by cPanel or let’s encrypt can do the job for you as they are also offering same encryption level.
If you prefer to use paid SSL, then Comodo positive SSL would be good for you. If you wish to access all the sub-domains of your domain over https then you need to get a higher wild card SSL.
|
| Posted by LJSHost, 04-05-2017, 04:42 AM | |
If you just want a basic secure connection Let's Encrypt will be perfect for you, however these certificates do not include any insurance such as Comodo etc.
If you want legal protection then get a paid certificate.
|
| Posted by BoomHost-Kumar, 04-05-2017, 04:51 AM | |
As mentioned by others.. it really depends on your planned usage with the certificate. Thought let's encrypt is free and provides same level of protection as some of the paid ones I would still recommend getting a cert from a commercial CA (such as Comodo, GeoTrust, Thawte) especially if you have multiple sub-domains to protect (use a wildcard cert) or for carrying out a lot e-commerce business activities because the paid ones also come with some level of insurance, etc.
|
| Posted by WHE Tom, 04-05-2017, 07:53 AM | |
Thats a great point, a lot of the free SSL services don't come with insurance of any kind/level. Its something OP may want to look into before making any decisions, more importantly so if you plan on using your website for any ecommerce etc.
|
| Posted by BITW, 04-05-2017, 07:56 AM | |
That is really a great explanation. If anyone want Paid provider, i would suggest to go with Comodo. I have using Positive one.
|
| Posted by JonaHost, 04-05-2017, 08:20 AM | |
I totally agree with you.
|
| Posted by milihost, 04-05-2017, 08:58 AM | |
Not all people want free, but i'm sure all people want a secure SSL and easy to manage/renew. These 2 things are well offered by Let's Encrypt
|
| Posted by Theguruman, 04-05-2017, 09:24 AM | |
Yes not always, but if they need a basic SSL and it isn't a business website or of huge importance, it is worth saving a few dollars.
|
| Posted by BITW, 04-05-2017, 09:39 AM | |
I think it's all depends on what will be done from user's Website or for which project he want to be involved. If not so serious, Go for Let's or if need better features etc, They can add paid one.
|
| Posted by wannaknow, 04-05-2017, 10:37 AM | |
I just want people to feel SAFE when they order from me.
for example, I see on my firefox brower
www.webhostingtalk.com
"Connection is not Secure"
Im not really worry about webhostingtalk not being secure but if I was going to order something then yes. I wouild be worried.
|
| Posted by wannaknow, 04-05-2017, 10:39 AM | |
Thank you for those links
|
| Posted by bear, 04-05-2017, 10:49 AM | |
Change the URL you use to access it to https, then.
It's not forcing you to https, but it's available.
|
| Posted by MikeDVB, 04-05-2017, 11:09 AM | |
Realistically any SSL should work. Depending on your market an Extended Validation certificate may increase the trust level but it is hard to say without doing testing.
|
| Posted by domaincart, 04-05-2017, 11:10 AM | |
There are different options according to your need. You can be used a free SSL if you don't ecommerce. If your budget is low when you can find Comodo PositiveSSL for $5/yr. If your budget is enough when you can be use a SSL that provides dynamic site seal, even an EV SSL for green bar. It can be increase your sales.
|
| Posted by zonky, 04-05-2017, 09:03 PM | |
Can anyone point to any incident that has lead to a CA paying out on their bundled 'insurance' ? (Remember also, that the insurance is for the end user, not the holder of the cert)
In this day and age, there is little data to support any difference between a 'paid' cert and a free cert with wide device support, like letsencrypt.
There is also little evidence to suggest that EV certs are widely understood by customers, or that they place more trust in sites that display them. All an EV cert tells you, is that someone spent $ in a local country business registry, and that they then purchased a domain/ssl cert. It doesn't mean you can trust that company.
Auto-renewing with letsencrypt is going to offer better continuity of service than a 12 monthly service you need to remember to reinstall correctly, To be honest.
Last edited by zonky; 04-05-2017 at 09:13 PM.
|
| Posted by x-flow, 04-05-2017, 09:11 PM | |
Depends on the type of your website, if it's a personal blog or something like, Let's Encrypt would work for you if you're using a VPS/Dedicated server with system control; or Free cPanel SSL cert if you're using a cpanel hosting. If you don't mind it's free
However, if you're running a business website, better to use paid SSL cert, for Domain Validated (DV) SSL, Comodo works well, while for Organization Validated (OV) or Extended Validated (EV), GeoTrust works well, since they're more trusty and usually come with Warranty.
|
| Posted by zonky, 04-05-2017, 09:43 PM | |
How can a end user of the service tell the difference between a letsencypt and another DV cert, be it comodo or otherwise?
|
| Posted by x-flow, 04-05-2017, 10:09 PM | |
There's no big technical difference between free cert such as Let's Encrypt and paid cert, in the first beginning of my reply also telling free cert can be used for personal blog/website.
Another difference is, free cert doesn't support DV WildCard, DV Multi-Domain, and OV/EV.
It depends on the site owner, and in actual fact, almost all of commercial website are using paid cert rather than free, since it's just a small investment to business.
|
| Posted by John Mo, 04-06-2017, 09:16 AM | |
Today, you have plenty of options when it comes to SSL Certificates. Before installing an SSL, ask yourself two simple questions.
What type of website do I want to secure?
How much I'm willing to spend on an SSL?
For a blog or personal website, Let's Encrypt is a decent choice. Another good option is Comodo Essential Trial. You won't have to pay a dime for it for the first 90 days of use. Comodo Positive SSL is also a cheap alternative.
For a commercial website, you'll need a Business Validation or an Extended Validation certificate. Here you've got plenty of brands to pick from. Comodo, GeoTrust, Thawte and RapidSLL, all are viable options.
|
| Posted by Machen Mathews - LSN, 04-06-2017, 10:10 AM | |
There are different types of SSL Certificates, and different use-cases for each business. Some sites/businesses need SSL to simply provide confidentiality (i.e. encryption). Some businesses prefer using SSL to add more trust and confidence in security (i.e. the business wants visitors to know that the business is a legitimate company and can prove it). It sounds like you are interested in the later (want customers to feel safe).
There are 3 types of certificates established - and different site seals (badges on your website/green lock/etc) and functions for some types. The ultimate in making your customers feel safe -- is probably a Extended Validation (EV) certificate from Symantec (Verisign). This provides your buyers 10,000+ insurance on purchases, a green name and lock in browser, and a dynamic site seal.
Extended Validation (EV) SSL Certificates are only issued after thorough vetting from the Certificate Authority, in addition to checking to make sure the applicant actually has the right to the specific domain. To get EV you must (1) verify legal, physical, and operation existence of the business, (2) verify the entity matches official records / listings, (3) verify exclusive rights to domain specified in EV. (4) verify the entity has properly authorized the issuance of EV (this is usually an attorney letter stating the company is actually requesting the certificate).
As you can see -- that is a lot to take on, but it shows the highest security and provides the ultimate level of trust for a buyer.
Organization Validation (OV) SSL Certificates are similar to EV, but the vetting is a little bit more relaxed. As opposed to 10+ days to receive and EV certificate.. an OV certificate takes about 2 days. You do not get the same insurance, but you typically receive a Secure Site Seal (where you customers can click and see the information registered on the OV certificate from the Certificate Authority).
Domain Validation (DV) SSL Certificates are issued when a CA check to make sure you have the right to use the specific domain name. No company identity information is vetted -- and this means some visitors may feel less safe. These certificates can be issued instantly from various CA's.
There are also many sub-sets of each type of certificate. These sub-sets offer Dynamic Site Seals, SAN, Multi-Domain, Wildcard, and Multi-Domain Wildcard options.
I suggest you obtain an EV SSL certificate to provide the ultimate SAFE feeling to your buyers. If that is not an option, then at least take advantage of a DV SSL Certificate that inlcudes a dynamic site seal.
**PS** Symantec and GeoTrust offer 1-year free certificates to non-profits and startups
https://www.freessl.com/freessl/good-karma/ <-- much value
Zonky, you can just look at the certificate chain. My initial go-to tool when researching a certificate chain is https://www.sslshopper.com/ssl-checker.html
For example you can see that WHT is running a GeoTrust DV SSL Certificate.
|
| Posted by orangejunction, 04-06-2017, 10:51 PM | |
For my hobby and personal websites, I use the Free SSL Certificate from Let's Encrypt.
It's free.
For business websites, I use Comodo, etc.
|
| Posted by scott_m, 04-07-2017, 08:59 AM | |
If you are selling things or are taking information your clients deem sensitive, go with EV or a paid DV. Comodo is a good place. This gives the visitor better trust in what you are doing on the site.
If you just want an SSL to have one for ranking purposes, then even the free ones will do.
I'm still squirrely on Let's Encrypt since they have issued SSLs for over 15,000 paypal phishing sites. Im wondering if there could be some distrust from some of the browsers in the near future for that brand. I'll wait and see on that.
|
| Posted by zonky, 04-09-2017, 07:12 PM | |
There is no evidence to say the the vast majority of users can identify different CAs, and it influences their decisions.
This is really confused. The purpose of the CAs is to Authenticate that the site used belongs to the person who has the SSL certificate. It is never a a guarantee that it is safe to do business, or that they won't misconfigure their server and drop unencrypted database dumps onto an anon ftp server. That is not the purpose of SSL certs.
Not even a EV certs does this; all that show is that the owner of the cert has spent $150 on a company registration; it means they are who they say they are, not that they can be trusted.
|
| Posted by whmcsguru, 04-09-2017, 08:33 PM | |
The smart consumer knows how to look at the certificate and examine who issued it. It's not that hard
Yes, this plays a factor in the decision process.
|
| Posted by zonky, 04-09-2017, 09:54 PM | |
Personally i'd run a mile from a site that relied on a SAN cert with 25 random domain names registered by different parties in some god-awful shared hosting enviroment. CAs are a commodity in the age of domain validated certificates. Are you seriously pretending that a statistically relevant number of consumers check who the CA is?
|
| Posted by whmcsguru, 04-10-2017, 12:36 AM | |
Yes, I am saying that a smart consumer does inspect the certificate.
|
| Posted by r00tb33r, 04-10-2017, 03:31 AM | |
Assuming you don't need extra features like wildcard for subdomains and you just want the cheapest certificate that makes browsers and search engines happy (some minor search rank boost) you can just buy a Comodo certificate from a reseller for rock bottom price. Google for coupons or current offers, you can get one under $5.
|
| Posted by scott_m, 05-05-2017, 11:57 AM | |
EV, and I'm guessing OV (not sure) allow the green bar in the address bar, correct? Whereas the DV level just shows the standard lock. So it is very visible to the customers. They do not need to investigate any further than that to know whether you took the extra effort for to assure them.
As to the purpose of the CA, I get what you are saying. However Comodo will refuse to issue SSLs with 'paypal' or other words they deem very likely to be used for phishing. So taking a precautionary step (even though not obligated) is good for consumer trust. I would choose to pay Comodo over a free Let'sEncrypt based on that alone.
|
|
 Add to Favourites
 Print this Article
|
