Best SSL Certificate to Use
-
I am setting up an ecommerce website that will sell batteries and like most e-commerce sites we will be taking credit cards. I was exploring the different SSL certificates and providers and I was shocked at the difference in pricing. Anywhere from free to over $1000! What is really necessary and what is nice to have? Any suggestions on SSL providers?
Thanks
-
There's several different kids of SSL but it sounds like you're talking about a single domain. That narrows things down to the two most common kinds: domain validated and extended validation.
Domain validation is the most common kind of certificate. The certification authority will send an email to the administrative contact listed on the WHOIS of the domain. Typically it's a link and you click it and that's all that's involved. These are relatively inexpensive but only work for one domain or subdomain (i.e. the certiciate will be issued for www.domain.com but won't show as valid for domain.com). In this same vein, but more expensive, is the wildcard certificate, which works for all subdomains (*.domain.com).
Extended Validation is only available for corporations and you have to jump through a LOT of hoops to get one (birth certificate of one of your officers, letter of validity from your lawyer or accountant, etc.). They take some time to get but the advantage is that you get the coveted green bar (see PayPal's site for a good example).
It doesn't matter who issues the certificate. Verisign used to be a huge name in this area but not so much in recent years. You'll pay more for their name and "warranty", but I doubt anyone outside the industry itself could tell you who Verisign is, let alone what the difference is. I have two Godaddy certificates and it hasn't slowed us down one bit. Many people simply resell for another authority (i.e. GeoTrust, Comodo, etc)
The encryption itself doesn't differ between certificates. Your Private Key (the piece your server needs to decrypt the traffic) and Certificate Signing Request(CSR) will have to be at least 2048 bits in strength (industry-wide). The actual encryption between your server and your client's browser is something that is negotiated as part of the "handshake" when the connection is first made and is most likely 128 bits (although some browsers and servers can support 256 bits). One thing you will need to note is the difference between SHA1 and SHA2 (Godaddy directly asks you which you want and I'm sure the others do as well). When you look at a certificate's details in your browser you'll see who issued a certificate. If it says G2, they're using SHA2. SHA1 has some weaknesses and is being phased out. The only people who will notice the difference are people running Windows XP SP2 or earlier (running any browser, even Chrome or Firefox) and they'll get an invalid certificate warning.
Be sure that your host has plugged the Heartbleed bug or you'll expose your private keys (anyone with your private key can decrypt your traffic).
-
Most SSL providers provide the same exact service. The difference in cost is from the levels of insurance, brand name and provider of the SSL, and trust factor of the badge. For example, you can buy a SSL from GoDaddy right now for around $70. As far as I can see it offers no insurance against identity or infomation theft. If you want a SSL from Verisign, its around $1000 and offers a $1,250,000 warranty. Most people know the verisign badge, and trust that their information will be encrypted and secure. When you purchase an SSL from them, you also get daily malware scanning and other features.
It really boils down to what are you getting the SSL for, if you require the additional insurance, what other features you would like to have, and if you think the badge will be the deciding factor of conversion for your users. If I remember correctly, the more expensive SSL's use a different bit rate. For example 128 bit vs 256 bit.
Hope this helps!
-
Hello Jimmy, I hope this answers you. There are a lot of SSL Certificate offers that I have seen so far and as a Marketer and a developer, I have implemented a lot of SSL Certificates. I will highly recommend you start with a Minimal SSL Certificate either from RapidSSL, GeoTrust or Comodo since they are cost effective.
I just ordered an SSL Certificate from Iwebhub. Check them out too.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Best Location for Copy Block
We are having discussions around the appropriate location to place the SEO copy block on an eCommerce category page. Would like to get the communities opinion to share with the creative team.
Web Design | | TukTown0 -
Should I Use An Animated Javascript Responsive Site
Hi, hope someone might be able to help me with this. I am setting my son up with a website for his small painting and decorating company. However, I am a wordpress stalwart and he has seen a theme which is a javascript animated responsive theme from template monster. Its not my choice just he is adamant that he wants it. However, I am slightly concerned that Google cannot index as well with these kind of sites as they would with a standard HTML site. I would be grateful if someone could confirm if they can be indexed etc. The content appears in what I can only describe as lightboxes. Thanks
Web Design | | denismilton0 -
Best strategy for multiple internal links
We have a website that has a whole heap of internal links. After re-structuring the footer links to the main categories we are now looking at the best way to display the internal links from each category (approx 20-50 links from each). At present they are simply listed on the corresponding category page, however this doesnt look great so we want to display them in a way that is user friendly and also seo friendly. Any suggestions and examples appreciated. Thanks in advance.
Web Design | | Silkstream0 -
What is the best information architecture for developing local seo pages?
I think I have a good handle on the external local seo factors such as citations but I'd like to determine the best IA layout for starting a new site or adding new content to a local site. I see lots of small sites with duplicate content pages for each town/area which I know is poor practice. I also see sites that have unique content for each of those pages but it seems like bad design practice, from a user perspective, to create so many pages just for the search engines. To the example... My remodeling company needs to have some top level pages on its site to help the customers learn about my product, call these "Kitchen Remodeling" and "Bathroom Remodeling" for our purposes. Should I build these pages to be helpful to the customer without worrying too much about the SEO for now and focus on subfolders for my immediate area which would target keywords like "Kitchen Remodeling Mytown"? Aside from my future site, which is not a priority, I would like to be equipped to advise on best practices for the website development in situations where I am involved at the beginning of the process rather than just making the local SEO fit after the fact. Thanks in advance!
Web Design | | EthanB0 -
Anyone used bugherd.com for onsite seo purposes?
Just as the title says, has anyone used bugherd.com for SEO purposes? I was thinking it could be used to show client changes that need to be made regarding the website. Example could be if you are looking at a CRO prospective, you may want to change/add some graphics or text to improve conversions. It seems like a nifty tool to show the changes you want made and to keep track of them. It integrates with basecamp also 🙂
Web Design | | KyleChamp0 -
Are there any studies, statistics or measurable impact of using mixed fonts on landing pages?
Are there any studies, statistics or measurable impact of using mixed fonts on landing pages? One of our landing pages is using five variations of the Arial font where size, strength (bold, italics) and color all vary. One camp internally believes that this okay, whereas another camp wants to standardize the presentation where there's less variance (such as a heading as one and the body copy as another). Have you been through a similar trial or test in the past? I've seen some instances of a Marketing Sherpa study on the topic, but no real numbers to support one thing or another. I've attached an example image of our current LP. I have a lot of strong opinions on a number of items - but we're looking to have an immediate internal discussion on the font issue first. Thanks! GIzA8.jpg
Web Design | | eMagineSEO0 -
Is there any difference in using an underscore vs. a dash in the directory portion of the url?
A friend who is a software developer asked this question regarding the directory portion of the url: Is it better to use dashes or underscores? I know in the domain name Matt Cutts recommends dashes, but what about the directory extension?
Web Design | | RobertFisher0
