SSL certificate recommendations?

3 points by vinny604 ↗ HN
Hi all! Working on a new e-commerce start up and need some advice.

Looked into verisign and digicert

Symantec Secure Site Pro with EV SSL Certificates $1499 Digicert Extended Validation $295

both prices are are for a year

Is the symantec option really worth the extra premium? It's such a huge gap in the price, I'm just curious why it would command such a higher price.

Would like to hear your thoughts or any other companies that you may recommend.

Thank you in advance!

:)

V

9 comments

[ 2.8 ms ] story [ 35.7 ms ] thread
TL;DR - Don't blow money on an unproven site/idea. Go with the cheapest option, until you know your company is going to make money, then think about upgrading (if needed).

Get a PositiveSSL cert from Namecheap for $11/year [1]. In terms of security, they are equivalent. You are buying the "extended validation" package for an inflated cost, meaning that they contact you to verify you are actually a company, that's it (plus insurance stuff that you will never use). This can be an extreme hassle if you need to renew an SSL cert in a hurry, like it expired without you knowing, now you need to jump through tons of hoops (paper work, faxing, phone calls, etc). Your end users will not notice this, security is the same, so I would suggest going with a cheaper domain validation option. You can get wildcard domains (*.example.com) for around $110 [1], but the cheapest option, will cover your apex domain (example.com), and www (www.example.com).

[1] https://www.namecheap.com/security/ssl-certificates/domain-v...

thank you for the advice I will just do that first then.

Thanks!

Good to know. I was looking for the same. thanks.
If you use multiple sub domain for different environment (development, staging, production) you can also choose wildcard SSL so you can use one certificate for *.yourdomain.com

SSL Labs' SSL test (https://www.ssllabs.com/ssltest/) does not use certificate type (domain validated, org, EV) as criteria to get higher score.

For ecommerce site you may get better SSL Security solution at Comodo SSL Store at low cost with highest security.... Just checkout this - https://comodosslstore.com/ Hope you will get better solution here..
You might want to add a disclaimer that you work for Comodo!
E-commerce platforms always require highest level of encryption & security as they are dealing with financial transactions. EV is the only SSL Certificate which gives highest security to online transactions.

Comparing with Symantec, Digicert is not so popular in SSL industry. Symantec is a giant in web security industry and world's top most website are using Symantec Security solutions.

Symantec's Secure site pro EV SSL comes up with SAN feature which lets you secure multiple domains with single certificate, Digicert EV SSL doesn't have this feature.

Symantec's Secure site pro EV SSL has built in "Daily Vulnerability Scanner" which scan website against malicious threats and reports immediately whereas Digicert EV SSL doesn't have this feature.

Rather than buying directly from Symantec, if you choose re-sellers of Symantec such as "CheapSSLSecurity.com" you will get maximum discount.

At CheapSSLSecurity.com you can get Symantec Secure Site Pro with EV SSL certificate at only $839.00/year.

As your business is E-Commerce, EV SSL must required. If price matters for you then you can go with Comodo's EV SSL certificate. Comodo became leading SSL certificate provider all over the world.

At cheapsslsecurity.com you can get Comodo EV SSL Certificate at only $113.00/year.

Thank you for all the replies. I will continue to do my research and see what fits our budget best!

V

vinny, Symantec has passed years in the industry and also offers huge warranty against any fraud on their certs. you should also take at look at cheap ssl shop (symantec's auxiliary company). they sell pro ev from symantec at $1129 https://www.cheapsslshop.com/symantec-secure-site-pro-ev you can save around 250 bucks.