Instant SSL
- Thread starter Slime101
- Start date
Man of Honour
- Joined
- 31 Jan 2004
- Posts
- 16,338
- Location
- Plymouth
Used them quite a bit; no problems & always prompt to respond to support queries 
They're very cheap and they even offer a free SSL for use with e-mail.
I've always worried about customer confidence. With custom web apps aimed at providing a service, i choose to use cheap SSL providers. For e-commerce, i now use thawte as they have a web-123 SSL package which is cheap and its a good brand name which customers have heard of. They make fire extinguisers right? I've also been known to use geotrust which has the top level authority of equifax. These people are pretty good. If you have any problems, you can phone them up right here in the UK and have a good conversation. They're also fairly cheap compared to some of the top SSL providers out there.
Small site/web app use comodo just to have that nice padlock at the bottom of the screen. then make yourself some fancy graphics with a padlock and some catchy text to give your customer some confidence.
Medium site use thawte web 123 or geotrust.
Large site use verisign if you can budget for it. Good brand name, but you pay a price for that. Not too bad around 400ish if i remember correctly.
If you want to do it really on the cheap, make your own certificate server and issue yourself one! the user will get warnings saying its an unknown cert authority tho.
We all know this SSL business is totally overated. It's down to the programmers ability to build a solid website at the end of the day! It's all too easy to get yourself an SSL these days. you don't NEED to provide all the correct details when purchasing it, there are ways around it which is unfortunate because customers rely on the padlock icon showing up. Too many cowboys are using them to lure customers in!
EDIT - forgot to say, make sure whoever you go with offer unlimited free self re-issues, otherwise if you change server your have to buy another SSL or get it re-issued at a cost.
I've always worried about customer confidence. With custom web apps aimed at providing a service, i choose to use cheap SSL providers. For e-commerce, i now use thawte as they have a web-123 SSL package which is cheap and its a good brand name which customers have heard of. They make fire extinguisers right? I've also been known to use geotrust which has the top level authority of equifax. These people are pretty good. If you have any problems, you can phone them up right here in the UK and have a good conversation. They're also fairly cheap compared to some of the top SSL providers out there.
Small site/web app use comodo just to have that nice padlock at the bottom of the screen. then make yourself some fancy graphics with a padlock and some catchy text to give your customer some confidence.
Medium site use thawte web 123 or geotrust.
Large site use verisign if you can budget for it. Good brand name, but you pay a price for that. Not too bad around 400ish if i remember correctly.
If you want to do it really on the cheap, make your own certificate server and issue yourself one! the user will get warnings saying its an unknown cert authority tho.
We all know this SSL business is totally overated. It's down to the programmers ability to build a solid website at the end of the day! It's all too easy to get yourself an SSL these days. you don't NEED to provide all the correct details when purchasing it, there are ways around it which is unfortunate because customers rely on the padlock icon showing up. Too many cowboys are using them to lure customers in!
EDIT - forgot to say, make sure whoever you go with offer unlimited free self re-issues, otherwise if you change server your have to buy another SSL or get it re-issued at a cost.
Man of Honour
- Joined
- 31 Jan 2004
- Posts
- 16,338
- Location
- Plymouth
Huh?joilet said:
The points of an SSL cert are mainly two-fold:
1) Identification (I bet most people don't check though) - but yes, it can be frauded
2) More importantly - to provide an encrypted connection to the server over HTTPS!
Beansprout said:Huh?
The points of an SSL cert are mainly two-fold:
1) Identification (I bet most people don't check though) - but yes, it can be frauded
2) More importantly - to provide an encrypted connection to the server over HTTPS!
Aside from the obvious i was talking more about the integrity of the application. The padlock symbol associated with the SSL gives a false sense of security. People think, oh yeah its secure - its got the padlock, therefore its safe. That doesn't change the fact the site may be full of holes and prone to injection attacks possibly leading to the loss of credit card numbers and all the rest.
That's what i was trying to get at mate.
Slime101 said:
He most likely had a bad experiance with comodo service rather than the SSL itself. All SSL certificates are the same. They might be generated on different platforms, or from different authority, but theres no difference with that SSL compared to one supplied by someone else. That's providing it is the same type of SSL.