Question about buying SSL Certs

bobbeatty · 2011-09-23T07:55:17.000Z

GoDaddy is $150 for the SSL EV package whereas Verisign is $2500. Primary difference is that Verisign has a $1,250,000 warranty and GoDaddy is $250,000.

This cert would be for a company that has retail stores selling college shirts, paraphernalia, etc…

Friend of CEO who owns business wants to know which direction to go. Since I have never ran a website for this type of business, not sure what to tell him.

stephenshaw1371 · 2011-09-23T08:07:07.000Z

Do you think his t-shirt selling business is valued over 250k?

DigitalBlacksmith · 2011-09-23T08:15:28.000Z

Honestly go with the GoDaddy or Digicert. You only need the verisign credibility for Financial institutions and places where paranoia is high.

thomasswafford1101 · 2011-09-23T08:41:45.000Z

+1 for Godaddy, Digicert, Comodo, etc. Most users, outside of security guys like myself, never even check the certificate properties to see who issued it, they only look for the lock sign in their browsers or the green EV bar.

The overall costs are differences between the certificate authorities, their penetration on browsers and devices and certain monetary guarantees they make against compromise (not of your site, but of the SSL certificate)

Verizon has been around for a very ling time and their root certificates are standard installed on almost every internet capable device out there. Counter that with GoDaddy, Comodo, Digitcart and others where they may not have the same browser penetration: As an example, Godaddy certs are not installed on older Windows Mobile and Blackberry phones so purchases from those devices would throw up the certificate warning.

That said, most devices that are reasonably up to date (within the last 5-6 years) will have no problems with any of the alternatives for your needs.

DigitalBlacksmith · 2011-09-23T08:48:17.000Z

Agreed, for the most part the biggest thing is compatibility, you want a cert that will work for all browsers.

bobbeatty · 2011-09-23T08:53:18.000Z

Thanks guys, I told him I buy ours from godaddy, but we don’t do retail, so that threw me for a loop - thanks for the great info!!!

Bob

texkonc · 2011-09-23T09:28:18.000Z

DigitalBlacksmith wrote:

You only need the verisign credibility for Financial institutions and places where paranoia is high.

Which is now a Symantec product. So even now I wouldn’t touch it with a ten foot pole held by someone else.

We use Entrust.net and had really good service.

bobbeatty · 2011-09-23T13:24:20.000Z

Texkonc wrote:

DigitalBlacksmith wrote:

You only need the verisign credibility for Financial institutions and places where paranoia is high.

Which is now a Symantec product. So even now I wouldn’t touch it with a ten foot pole held by someone else.

We use Entrust.net and had really good service.

That means a lot coming from you Brian, I don’t know a lot about these cert companies since I don’t do a lot of stuff with Certs - thanks!!!

texkonc · 2011-09-23T14:08:21.000Z

Bob Beatty wrote:

Texkonc wrote:

DigitalBlacksmith wrote:

You only need the verisign credibility for Financial institutions and places where paranoia is high.

Which is now a Symantec product. So even now I wouldn’t touch it with a ten foot pole held by someone else.

We use Entrust.net and had really good service.

That means a lot coming from you Brian, I don’t know a lot about these cert companies since I don’t do a lot of stuff with Certs - thanks!!!

We use it for all of our sites that require to be SSL secured and we have had zero problems…Minus that one time on a order but that was my boss’s fault for not ordering the correct one for me…

Support is VERY helpful when I had to use it, they are very knowledgeable and know their shit and answered all my annoying questions.

johnwhite · 2011-09-23T17:56:43.000Z

We use GoDaddy and as the person who has to go to the site and do the updates, never again. Pain in the butt. Web interface is terrible.