Results 1 to 8 of 8

Thread: SSL Certificates

  1. #1
    TonyBurn
    Guest

    SSL Certificates

    I'm currently considering creating an e-commerce website as part of an already establised business. Whilst pricing up the initial setup costs I will have to consider obtaining an SSL certificate. There are many companies that will supply a certificate, my question is that with such a range of prices what makes a basic SSL certificate from Verisign any better then one from GoDaddy considering the considerable difference in price ?

    Has anyone got any other suggestions on how to go about obtaining an SSL certificate ?

    Any feedback muchly appriciated.

  2. #2
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,665
    Thanks
    53
    Thanked
    384 times in 313 posts
    I've always bought 3rd party verified certs from Thawte when needed. If you are running an ecommerce site then a repulatble cert is a must. Do Godaddy make as many checks to ensure that you ( and your company ) are who they say you are ?
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  3. #3
    TonyBurn
    Guest
    Well it makes no difference to me, GoDaddy seem cheaper so would be the obvious choice for an SSL certificate.

    When I shop online I just look for SSL being used when using pages with sensitive data, I cant say I ever look into who provides the certificate to whatever company I might be buying off.

  4. #4
    TiG
    TiG is offline
    Walk a mile in other peoples shoes...
    Join Date
    Jul 2003
    Location
    Questioning it all
    Posts
    6,213
    Thanks
    43
    Thanked
    47 times in 42 posts
    The reason that is because of this...

    "Relies on no third party for its Public Key Infrastructure; our Certificate Authority owns its Trusted Root."

    Means its only as good as its secure site, i wouldn't touch this with a barge pole, thats why the cost is so much different.

    The whole point is that you should as part of a SSL communication go to a trusted third party to gain the key, thats why thawte and versign and bt etc are more expensive for certificates.

    I'd definitely pay the hundred to two hundred quid for the versign version.

    TiG
    -- Hexus Meets Rock! --

  5. #5
    Goat Boy
    Join Date
    Jul 2003
    Location
    Alexandra Park, London
    Posts
    2,428
    Thanks
    0
    Thanked
    0 times in 0 posts
    We use Geotrust - they are not that pricey...
    "All our beliefs are being challenged now, and rightfully so, they're stupid." - Bill Hicks

  6. #6
    eek
    eek is offline
    Member
    Join Date
    Jan 2005
    Posts
    148
    Thanks
    1
    Thanked
    3 times in 3 posts
    Its partly a question of what you want.

    Do you want the padlock by itself,
    the padlock with company information when you click on the padlock
    or the padlock and a graphic to display on your site.

    Now if its purely the first bit you why spend more than neccessary (assuming that you can use IE6 and it accepts the certificate without any complaints).

    If (and I doubt many people do this so it may not be an issue) you want people who click the certificate to see your company details than the more expensive certificate where your company details appear is worthwhile.

    If you want a graphic on your website confirming that the certificate is valid (and this may or may not be worthwhile but its an interesting question so I'll ask around) I would also go for the more expensive certificate with company name.

    In cases 2 or 3 I would however pick a company with a better name Godaddy are a good firm but their name just doesn't sound right. There is a reason why banks use expensive furniture and cover their floors with marble. If people want reassurance they look for respectability and expense. Godaddy just doesn't sound right.

  7. #7
    The late but legendary peterb - Onward and Upward peterb's Avatar
    Join Date
    Aug 2005
    Location
    Looking down & checking on swearing
    Posts
    19,378
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts
    If you just want to secure the transactions, you can self certificate (ie, issue your own) If you want the trust factor that your company has been checked and there is some assurance that you are who you say you are, then use Thawte or Verisign. (Different company with different products even tough Verisign bought Thawte a couple of years ago)
    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

  8. #8
    eek
    eek is offline
    Member
    Join Date
    Jan 2005
    Posts
    148
    Thanks
    1
    Thanked
    3 times in 3 posts
    A self certified certificate will not be automatically accepted by IE or Firefox for that matter. If you are selling goods you do need to have a certificate signed by someone IE knows about.

    Beyond that its a matter of what bells and whistles you want (and are willing to pay for). My research seems to suggest that the bells and whistles are not of interest to many people but that may depend on who you are selling to (internet literates may not care, those who are unsure will want every comfort blanket you can offer them).

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Apache Virtual Hosts and SSL certificates
    By DaBeeeenster in forum Software
    Replies: 9
    Last Post: 09-09-2004, 09:33 AM
  2. CPUCitys SSL ...
    By unrealrocks in forum Retail Therapy and Bargains
    Replies: 2
    Last Post: 08-12-2003, 01:01 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •