SSL Certificates Security
You're designing a website. You've chosen a hosting company, and now you are in the midst of deciding which certificate authority (CA) to choose.
SSL Certificates: Why SSL?
SSL, or Secure Socket Layer, is a must-have for any business where sensitive data is transmitted, encrypting the session to ensure this data is not compromised.
If you're not receiving or sending sensitive data, you probably don't need to worry about acquiring a SSL certificate at all. If you are using your website to sell goods and services, meaning credit card transactions are taking place, a good SSL certificate is essential. It keeps your customers comfortable in today's age of credit card theft, increasing the likelihood their money ends up in your hands.
SSL Certificates: Types of SSL
Your web hosting company will likely work with you to acquire your site's SSL. There are three types to choose from:
- DEDICATED SSL – It is the most secure, but at the same time the most expensive option. It is unique to your domain and web server, set up on your IP address.
- SHARED SSL – If a web hosting company offers shared hosting, they'll likely choose shared SSL. This makes it simple to manage the single SSL on each server for multiple websites.
- WILDCARD SSL – This works well for sites that have different functions, or subdomains, of your site. An example: shop.mysite.com and cart.mysite.com.
SSL Certificates: On The Cheap
So should you trust a company that offers a cheap or free SSL? While you might want to save some cash by choosing a cheap SSL, will you end up losing cash in the long run?
Certain warning messages can appear if your browser and the company issuing the security certificate don't agree with one another. Pop-ups like this happen for numerous reasons. It could be that the domain on the certificate doesn't exactly match that displayed in the address bar, items are loading through a non-secure source, or the certificate itself isn't trusted by the browser.
This last reason is why you need to do your homework when choosing who issues your site's SSL. Whether an innocent technical mistake or the result of choosing a cheap SSL, customers would likely be reluctant to pull out that credit card. If you are accepting credit card payments or storing highly sensitive data, it makes sense to go with a reliable, trusted name in the world of SSL certificates, not just the cheapest option you can find.
SSL Certificates Services to Avoid for E-Commerce
- CAcert – This free CA promises immediate issuance for free. However, the browser will likely engage the dreaded “not accepted” pop up.
- StartSSL – They also offer free SSL, but their verification involves simply domain name and email address, making this a bad SSL certificate for an online storefront.
SSL Certificates: Who To Trust
There are many CA sites you can trust. However, you need to look at the volume of business your site will see, how many things you're selling, and the type of data that's being transmitted before you can finalize your decision.
- If you are only selling one item, like a site membership, you'll do well with StartSSL Verified. They go beyond domain and email validation by adding organization owner identity into the mix.
- A reseller such as Namecheap is a good option if you aren't conducting a large volume of business. They offer the big names at lower prices.
- Your web hosting company may offer this service as well. For example, GoDaddy offers a SSL add-on for $49.99.
Do not take the purchase of a cheap SSL lightly. If you choose the cheapest thing you can find you can be sure to lose customer trust, sending the customer's money elsewhere.
|Hosting Company||Plans||Visit Site|