Thursday, March 24, 2011

Best SSL certificates provider?

Hi there,

I am going to switching SSL onto a Rails site of mine pretty soon and was wondering if anyone has thoughts or suggestions as to who is the best provider?

Does anyone have any happy stories or horror regarding certain vendors??

Thanks

Kent

From stackoverflow
  • Veri-sign.

  • Well, I do not know whether it is the best or not but CACert is free and easy to use. Disclaimer: I've been a CACert assurer for more than 3 years.

    erickson : Beware that CACert is not included by common browsers. If you want to appear legit to the average Joe, CACert is not an option.
  • Geotrust has come across very well. Usually quick SSL cert issuance (they brag 10 minutes but prepare for at least a little more) and no hassle after that. Most browswers have their root certificate now so give them a shot. http://www.geotrust.com. They are a part of Verisign but from my experience going through their website gives the best results (still different staff maybe?)

  • I've used godaddy certificates in the past and it has been pretty straightforward. They seem to have a pretty good system and range of different types of certs at different price points depending on what you need. For many applications it seems like perceived security (on the part of the site users) is very important. For that reason you may consider going with a provider that is less convenient to you if you feel their brand is more trusted among your users.

  • I've always used GoDaddy and never had an issue. Their support staff is great and always there to help.

  • Perhaps a sidenote:

    The cheaper certs you buy from ie rapidssl and quickssl still use MD5 generated keys which have been broken and can possible be used in hijacking. Read more here. So depending how safe you want to be with your cert you might want to go for a more expensive one.

  • I am using RapidSSL certs purchased through Dynadot for $15.99. Ignore what the previous poster said about RapidSSL still using MD5. They don't. They use SHA-1. You can read more about it here.

0 comments:

Post a Comment