I was looking at digicert’s Wildcard SSL and was surprised by the $595/year price. digicert appears to be well regarded. Any bootstrappers know of a more price friendly comparable alternative?
I use https://www.servertastic.com/ - a reliable reseller with good prices. If you have dedicated servers though, it may be worth checking with your provider first - some are willing to offer their existing customers certs at cost.
I have been using www.rapidssl.com and find it works well and the prices are pretty good. I did use DigiCert originally but the prices were too much.
TL;DR - buy from Namecheap.com - they are usually the cheapest - and certs a commodity so it doesn’t really matter where you get it.
Full disclosure: I have a service that handles SSL installation + AutoRenewal on Heroku: ExpeditedSSL [1] - so if you’re on there then I’d (in an incredibly biased and self serving way) recommend that.
If you’re buying direct, SSL Certs are weird in that they are almost a perfect commodity (in the textbook Economics sense of things) - buying from Company A vs Company B won’t make any difference to your security, etc.
Namecheap.com generally has the cheapest prices and while all the places claim great service and support it’s tightly focused on the “getting a cert” portion of it, not the installation. Further, the “warranties”, etc that are touted as differentiators are more hand waving: for them to pay out you’d have to prove that a hack on your system was caused by some failure in the certificate itself (which is exceedingly unlikely compared to the almost any other attack vector.
Also, because you’ve said you want a wildcard cert, you don’t even need to worry about the “Green Bar” Extended Validation differentiators as you can’t get issued one for a wildcard cert.
What @mbuckbee said. If you’re comfortable with the request/install process, just find the cheapest provider and use the level that’s appropriate for your needs (basic, “green bar”, or whatever).
If you’ll need some help installing, it’s probably worth your time to purchase from a provider that will give support and answer your questions along the way.
I haven’t shopped in a couple of years, but have found good prices in the past at Comodo and GoDaddy. (looking this morning, Comodo has wildcard for $335)
I can also attest to Namecheap / RapidSSL.
Thanks everyone!
Any thoughts on domain validation vs organization validation? Organization validation worth it?
Just buy the cheapest from ssls.com. They are a part of Namecheap and reselling Comodo PositiveSSL and RapidSSL. Been using them for years, buying and setting up is straight forward and painless. I only have a small number of subdomains so I buy a cert for each of them because it’s cheaper than a wildcard.
Technically the cost of a cert should be next to zero, but it’s easy to sell at high prices "because security!"
And unless you are a financial organization with specific requirements the cheapest domain validation cert will be fine for you and your users.
Yes, generating a SSL exercise is trivial exercise and basically costs nothing. It seems to me what you are buying is the insurance which is only needed/valid if SSL is cracked, which is never.
I’m surprised nobody mentioned startssl.com - they have cheaper prices and you can also get unlimited certificates (valid for 2 years) for a single base fee (ie: you verify once, and then issue multiple ones) - it’s worth checking.
I have used StartSSL but found their portal to be pretty painful to use, needing to install a SSL to login for example.
ssls.com have halfprice on all ssls at the moment including wildcard.
1 year wildcard is around $45 for a comodo cert.
Offer lasts untill monday i believe.
I recently added SSL to my blog via Cloudflare. They offer SSL for free for modern browsers with their free plan. Additionally you get a CDN, DDoS protection, Spam protection, JS/CSS optimization via the CDN and great DNS for your site.
Easy to setup, only the DNS change can take its time.
I was just looking at rapidssl and rapidsslonline and was trying to decide on if I should get the rapid ssl wildcard or the geotrust.
Can someone confirm, the sales operator said the rapidssl wildcard will not work well with mobile devices, the user will have to install the root certification at times (compatibility isn’t great) while with Geotrust the root certificates are already present.
Is this true?