OpenCart Community

Im looking to buy a SSL certificate but after doing some research I've found the some are so cheap and some very expensive. I understand that price may differ based on their name, high $$ warranty, site seal, green address bars etc.

But whats is the big difference between all these SSL as far as functionality ? Are they all the same just charge different prices ?
For example:

• GoDaddy - $12.99/year
  VeriSign - $1,499/year
  Geotrust - $149/year

I mean you cant beat GoDaddy compared to the others.

Any thoughts ?

My thoughts ? As a user, not specialist :

They are probably all more or less the same in terms of security as long as they come from reputable issuer (there ARE some dodgy ones).I think, in general, the industry struggle a bit with a proper market positioning for their products and you are not the only one confused .

Some customers may perceive 'the green bar' or e.g. verisign mark safer than standard padlock from godaddy.I personally use rapid and couldn't be happier. The installation was a breeze and they work perfectly.However, none of my stores is a really high traffic web so can't say how the inexpensive certificates works in more 'busy environment'.You can beat godaddy - rapidssl and positivessl can be bought cheaper

darek wrote:My thoughts ? As a user, not specialist :

They are probably all more or less the same in terms of security as long as they come from reputable issuer (there ARE some dodgy ones).I think, in general, the industry struggle a bit with a proper market positioning for their products and you are not the only one confused .

Some customers may perceive 'the green bar' or e.g. verisign mark safer than standard padlock from godaddy.I personally use rapid and couldn't be happier. The installation was a breeze and they work perfectly.However, none of my stores is a really high traffic web so can't say how the inexpensive certificates works in more 'busy environment'.You can beat godaddy - rapidssl and positivessl can be bought cheaper

What about browser compatibility ? Does it behave in all browsers ?

Yes, I have no probs with rapid.Bear in mind that none of them guarantees 100% compatibility

Right but whats the difference between these guys as far as functionality ?

in terms of functionality there is hardly any difference, as far I am concerned, the way they work is exactly the same.Obviously, there could be some speed or reliability of server issues but I can't say - maybe someone else would know better .

EDIT : you may also have a look here http://www.webhostingtalk.com/showthread.php?t=949976 )

However, the process of validation is different, that's why you won't get the 'better ones' issued immediately - they require much more information about the company , thus in addition to security of the domain/web, they allegedly provide a higher level of trust.Is it important ? Not to me. I do my research anyway when I use online store for the first time, so when I see the 'padlock' and can check the basics, that's all I wanted to know - the connection is secure and the cert is definitely not the one that tells me if the seller is reliable ! Northern Rock and Lehman Brothers certainly have had the best available certificates...so what? .There is always some risk involved ....

darek wrote:..Northern Rock and Lehman Brothers certainly have had the best available certificates...so what? .There is always some risk involved ....

very true - nice one!

@dony_b In terms of functionality, they all function the same way: the data stream between the user's computer and your server is encrypted, so that the user's data cannot be intercepted by third parties.

As darek said the price difference is meant to reflect different levels of security, and different modes of use, eg:

1. EV = green bar + company name in address bar. More expensive, more secure, but more questions have to be cleared before the SSL cert is issued. Paypal and banks have these.
2. Wildcard or Multiple Domain SSL - can be used on more than one domain.
3. Standard SSL - suitable for ordinary online shop. One domain per certificate.

I personally wouldn't buy a very cheap certificate, as it's meant to improve the trustworthiness of my site, and keep customers' data secure. That matters....though it doesn't quite matter $1500 at present. Also I wouldn't buy 2 cents of product from godaddy on principle...but that's just my choice.

All you really need is an affordable SSL cert from a source you trust. Good names are Geotrust, Comodo, RapidSSL...(others?)

So Godaddy is a NO I guess

I was looking at these guys (digicert.com) standard ssl for $144 but has anyone heard of them ?

I defiantly heard of Geotrust, Comodo, RapidSSL but also read bad reveiws about them as well

Your mileage may vary. I know that the vocal people here tend to dislike GoDaddy, but I have had only good experiences with both their hosting and their SSL certificate management.

mberlant wrote:Your mileage may vary. I know that the vocal people here tend to dislike GoDaddy, but I have had only good experiences with both their hosting and their SSL certificate management.

do you have the standard ssl or the EV SSL ?

I would like to get a EV SSL but they are so expensive ?

Two standards - one for a separate subdomain and one more for all of the other stores that are in subfolders of the main domain name.

mberlant wrote:Two standards - one for a separate subdomain and one more for all of the other stores that are in subfolders of the main domain name.

How are you managing that?? I have a couple of sites hosted on godaddy and I wanted to add an SSL to 2 two of them, I emailed go daddy and this was the response i got.

Thank you for contacting Online Support.

If you wish to secure multiple sites on your hosting account, you would want to purchase a UCC SSL certificate. This would allow you to secure the primary domain as the common name, and then also secure other sites on the hosting as well.
Unified Communications Certificates (UCC) are SSL Certificates that secure multiple domains and multiple hostnames within a domain. They allow you to secure a primary domain, and up to 99 additional Subject Alternative Names, in a single certificate.

UC Certificates are compatible with shared hosting however, the site seal and certificate "Issued To" will only list the primary domain. Please note that any secondary hosting accounts will be listed in the certificate as well, so if you do not want sites to appear 'connected' to each other, you should not use this type of certificate.

You cannot upgrade a UCC certificate to include more names. If you bought the UCC with up to five domains, you need to purchase a new certificate to add another domain.


You can find the pricing for our certificates at the link below:

http://www.godaddy.com/ssl/ssl-certificates.aspx

Please let us know if we can help you in any other way.


Which the way I read that is if my primary domain was primary.com any other site I have on that hosting will have primary.com visiable in the certificate for all visitors. So even if I had mydomain.com and yourdomain.com the certificates would show as part of primary.com which is really not what I want. Have you found a way around this some how??

dony_b wrote:So Godaddy is a NO I guess

I was looking at these guys (digicert.com) standard ssl for $144 but has anyone heard of them ?

I defiantly heard of Geotrust, Comodo, RapidSSL but also read bad reveiws about them as well

This is a good site for help with comparing and understanding SSL certificates:
http://www.sslshopper.com/index.html

I don't know digicert, but they do well in the reviews. Bit.ly use them.

It would be good to know what SSL certificates/authorities other OC users have and if they're happy with them (I only have Geotrust because my host offered it).

Yea that would be great to know what other people with live open cart shops are using ....

yes..you are correct..godaddy is always best..

using go daddy

found the install really easy!

and got 5 year standard ssl deal deal for £119!!

that was from ringing up though.

But never gad any problems installing and they work well.

Your mileage may vary. I know that people here tend to voice dislike GoDaddy, but I had only good experiences with both accommodation and SSL certificate management.

For EV SSL you have to jump through hoops sending them all your business documentation to prove who and what your company is. And they are very expensive to just turn address bar green.

Can go to http://www.cheapssls.com/ and get cert for domain and http://www.domain for 8.95 or *.domain for $89. Best prices I could find. And thats for comodo which is trusted by most browsers

For the record godaddy is garbage hosting company.


My SSL's work fine on http://www.lordofthe.net I have all my stuff verified on comodo I just don't wanna pay the excessive cost of EV just for a green bar

GoDaddy - $12.99/year
Unless you are doing business like Amazon.com, the <$20 ssl is all that is needed. Keep in mind that your site isn't that popular yet, nobody gonna bother with you out of the other millions of sites out there. Godaddy is a garbage hosting company, but domain names and cheap ssl is what they do well.

I like the 8.95/year price better. and don't have to deal with godaddy. I think the 12.95 from godaddy requires you to host with them. between the cheap one and expensive one only difference is the amount of coverage that only covers the fact that your you and no one is snooping. Not to mention even newegg amazon use 128 bit encryption. The cheapssls comodo one I use gives my lordofthe.net site 256 bit encryption. Basically hacker on newegg/amazon see a bit of crap come across screen. They try to spy on my customer and see OMGWTF ungodly amount of encrypted crap come across.

Btw I have servers available on lordofthe.net if you need them . If anyone needs HP stuff hit me on the contact us link since I just went into partnership with them and haven't found an easy automated way to put the HP products up. (god I wish they used my main distributor).

PS qphoria your fedex mod was helpful but damn boy it was expensive for a shipping mod