free ssl vs paid

To line their pockets.

In 99.99% of cases: there is absolutely no need to buy a Paid SSL when free DV (Domain-Validated) certificates are available from most providers - usually issued by Sectigo or LetsEncrypt.

People used to pay for the "Extended Validation" or "Organisation Validation" certificates to have their company name displayed in the browser bar for vanity points but I don't think any current-release browsers still show it anymore.

Some financial institutions in Europe are required to use EV or OV SSL certificates and even that is being phased out.
 
Last edited:
To line their pockets.
Yup, it's just an upsell as they can easily just offer a Free/Let's Encrypt certificate if they wanted to.

But if they won't do that on your current package then your only real options are to either grab a cheap £3-5 certificate elsewhere, upgrade your package to one that includes free certificates or just move host - considering the state of Tso i would do the latter if you can.
 
Check the warranties on the certificates. Free ones dont come with a warranty whereas paid ones probably will (but might not).
Are the warranties actually worth anything?
Can't say I've ever heard of a provider paying out on one and even our own providers' T&C's clearly state a load of very specific conditions that if there was ever an incident involving us/them/the issued certificates, then I doubt we would ever meet their criteria for a pay out.

Edit - a blog post i came across a few years back on certificate warranties - https://scotthelme.co.uk/do-ssl-warranties-protect-you-as-much-as-rocks-keep-tigers-away/
 
Back
Top Bottom