Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In with OpenID
Advertise on LowEndTalk.com

In this Discussion

Need to buy SSL certificate for a webshop. Where to look for?

Need to buy SSL certificate for a webshop. Where to look for?

ztecztec Member
edited November 2012 in Help

Hello LET readers,

Today I am on the hunt for an SSL certificate for a webshop, where should I look for in an SSL certificate? And of course, where can I get the cheapest ones, I alreay saw one from godaddy for 5 euro a year. Seems almost too cheap..

«1

Comments

  • NameCheap.

    "We are in a prison drama. This is like The Shawshank Redemption, only with more tunneling through shit and no fucking redemption."
  • Namecheap - $2 with a domain :)

    Loading Deck - Cloud Consultants: Server Management | Consultancy | Software Development
  • ztecztec Member
    edited November 2012

    And I will need 2 IPs for this, right? Or is it just a dedicated IP?

  • Just a dedicated IP should work.

  • If you're just hosting the one site, one IP is fine

    Loading Deck - Cloud Consultants: Server Management | Consultancy | Software Development
  • @ztec said: And I will need 2 IPs for this, right?

    If you need multiple SSL sites. If you only need one SSL site on the IP, you're good.

    "We are in a prison drama. This is like The Shawshank Redemption, only with more tunneling through shit and no fucking redemption."
  • StartSSL.com

    Free. And the StartSSL roots are in most browsers.

  • ztecztec Member
    edited November 2012

    I got more sites on that one IP, but just this shop needs SSL. So I don't have to configure more IPs?

    For NameCheap, do I need to buy more domains or can I do this with the domains I already own?

    Thanks for StartSSL.com - but I need to be able to show off with the certificate icons on the webshop.

    Thanks for the help guys.

  • No, one IP is fine then.

    Loading Deck - Cloud Consultants: Server Management | Consultancy | Software Development
  • 24khost24khost Member
    edited November 2012

    I bought 2 of them on cyber monday and niether has been setup. Will sell you a rapidssl for 7.50 so I make a little on it. Then just have to set it up. @ztec pm me if interested.

  • @ztec said: can I do this with the domains I already own?

    You can do it with domains you own. PositiveSSL is $7.95/yr, but if you're in the market for a new/cheap domain it's the $2.

    "We are in a prison drama. This is like The Shawshank Redemption, only with more tunneling through shit and no fucking redemption."
  • CheapSSLs/Namecheap

  • @ztec said: Thanks for StartSSL.com - but I need to be able to show off with the certificate icons on the webshop.

    You mean these? https://www.startssl.com/?app=24

  • @ztec said: I need to be able to show off with the certificate icons on the webshop.

    My suggestion would then be to get the $35 Thawte SSL from Namecheap. You get a button with a popup that looks half decent: https://secure.sysadmin.co.uk/

    Loading Deck - Cloud Consultants: Server Management | Consultancy | Software Development
  • I tried StartSLL.com once. My advice: Don't. Takes too much time and is too much of a hassle. It's website is very hard to navigate and from what I've understood is that you need to manually renew the SSL certificate every month.. But that could be an error on my end because again, I find their website hard to understand and confusing

    Linux noob willing to learn.

  • I agree with Creek. StartSSL is a waste of time. I would recommend NameCheap as well. Used a couple of their positivessl certs before. No issues at all.

    There is also GlobeSsl for cheap certs. Never used them before though.

    Pneuma Web Solutions - We provide full-service web application development & consultancy services.

  • I've never had a problem with StartSSL. Their free certificates last 12 months. Agreed, the web navigation isn't the clearest, but it's okay once you get used to it.

  • The cheap certs like RapidSSL or PositiveSLL provide perfectly good 2048-bit security. These can be purchased from cheapssls.com or registrars like namecheap.com at a discount sometimes. Website "badges" are readily available.

    If you want to spend more money you can get an extended validation certicate (http://en.wikipedia.org/wiki/Extended_Validation_Certificate) which turns the address bar green in popular browsers.

  • +1 Namecheap.

  • Chat with @giang for SSL certs

    OnePoundWebHostingUK XEN VPSPV & HVM
    UK Shared & Reseller HostingDomain Registration
    99.9% Uptime GuaranteeUK Ltd Company, Established 2006
  • If you're okay with GD, I bought their Standard SSL for $4.99. Easy to use, and they have something as site seal too.

    Since it's about customers trust for our business, I say you go with something better than free. :)

    I trust Namesilo for my domains. Use DOLLARLESS for $1 discount.
  • @xmob said: I've never had a problem with StartSSL. Their free certificates last 12 months. Agreed, the web navigation isn't the clearest, but it's okay once you get used to it.

    +1 - Once you learn how to issue / view your certificates, it's quite easy.

    Just remember to include the CA bundle certificate when installing.

  • Grab a .info from namecheap for $4 and get SSL for $2 extra :P

  • just bought 5 years positivessl from namecheap at $19.90 with their promotion.what a steal

    vpsdash.com - Tips and tricks in life, information and technology news to get things done

  • @Andri said: Since it's about customers trust for our business, I say you go with something better than free. :)

    http://www.informationweek.com/security/attacks/how-startcom-foiled-comodohacker-4-lesso/231601037

    Free doesn't mean it's not safe. Sort of the opposite proved above.

  • @cosmicgate said: just bought 5 years positivessl from namecheap at $19.90 with their promotion.what a steal

    Are these wildcard certs you can use for any subdomain?

    For StartSSL Class1 Free, you have to register every subdomain with a separate crt.

  • @herbyscrub said: For StartSSL Class1 Free, you have to register every subdomain with a separate crt.

    Well, yeah. Only need to verify the root domain once via email. Great for setting up service SSL on cPanel servers (cpanel, WHM, pop, etc.)

    I believe if you verify yourself you can issue Level 2 / wildcards for free as well. Around 59 dollars or so.

  • I used Minstall 2.5.7, and running two websites with two ssl : https://www.erawanarifnugroho.com - StartSSL https://www.bsie.net - PositiveSSL

    My blog | Server Uptime | I'm not working for any providers in here, all my comments just my own opinion.image
  • CiriumCirium Member
    edited November 2012

    @ErawanArifNugroho

    Just tried visiting your bsie.net site, getting a certificate not trusted error on my iPhone 4S.

    Not sure if I'd go with PositiveSSL if it doesnt work on my phone.

  • @Kris said: Well, yeah. Only need to verify the root domain once via email. Great for setting up service SSL on cPanel servers (cpanel, WHM, pop, etc.)

    Yeah, I was just pointing out the limitation of the free StartSSL. Will end up with quite a few certs with different expirations like I have lol.

    I was wondering if the super cheap certs are like that too since I've never used one before.

  • Namecheap.

  • AndriAndri Member
    edited November 2012

    @Kris said: Free doesn't mean it's not safe.

    Thanks for remind me, mate. We should educate some customers about this too. I was talking about trust, not security. Sys-admin like most of LET visitors are understand about security, that both free SSL and paid SSL are the same. But I don't think all of customers do. I believe that was why the OP need seal for his site: so custumers feels safe doing business with him.

    I trust Namesilo for my domains. Use DOLLARLESS for $1 discount.
  • http://gogetssl.com have a nice offers with a good price.

    "I Always Happy ! The Secret Is, When Something Bad Happens, I Always Yell : Eeee... Macarena !!" :D

  • @Cirium said: Just tried visiting your bsie.net site, getting a certificate not trusted error on my iPhone 4S.

    Thank you for the notification :) I will try to find some fix for it. Maybe it's my wrong configuration in Nginx

    My blog | Server Uptime | I'm not working for any providers in here, all my comments just my own opinion.image
  • @Freek said: you need to manually renew the SSL certificate every month

    You may manually renew you domain auth every month, but once you get a cert from them, it last for 12 months. Of course, after one year, you also need to manually renew it. Anyway, StartSSL is nice for "low end" websites, and I also agree that their website sucks.

    How many stars in your bowl? How many sorrows in your soul?
  • If you're looking for Thawte SSL we've got some https://www.cloudshards.com/ssl.php - can give you some discounts if needed.

    Internap VPS, Web Hosting and more - Cloud Shards | Need a VPS Upgrade?
    Query Foundry, LLC AS62638
  • @vpsnodebox had some interesting deals @ztec -- http://www.lowendtalk.com/discussion/comment/126563 (for Wildcards). Apparently CheapSSLs.com for single.

    -

  • I like rapidssl myself.

  • Regards,
    R. Alkhaili MyRSK - VPS hosting provider since 2009.

  • DeanClintonDeanClinton Member
    edited November 2012

    I use GoDaddy for my SSL certs. Use Code cjc499s to get a $4.99 Standard SSL certificate - When entering the details, I choose Starfield Technologies so GoDaddy doesn't show in the cert ;-) I think this offer expires tomorrow... Can then get 5 years for $29.94

    Otherwise I think it's promo code PROMOSSL for a $13 SSL cert.

    The standard certs include a seal that is clickable too ;-)

    http://www.godaddy.com/compare/gdcompare3_ssl.aspx?isc=cjc499s

  • Ignore startssl, nobody will ever take you seriously - especially if you're looking to sell things.

    I recommend http://cheapssl.com :)

    -- BOFH

  • @Wintereise said: Ignore startssl

    They are the same with PositiveSSL, RapidSSL, AlphaSSL (old computer running Windows XP will get error with AlphaSSL).

    They even offer Insurance. Well I think PositiveSSL, RapidSSL, AlphaSSL are overpriced :P

    Average customers won't check which SSL you are using :D

  • We had positivessl to start with but, with the ca we had issues. RapidSSL has been much better.

  • @xmob said: You mean these? https://www.startssl.com/?app=24

    Yes, but when people figure out it's free they'll take you less seriously, not very logical but it's how it is and I have to live by those rules.

  • @giang said: Average customers won't check which SSL you are using :D

    They won't but bloggers who review your site will check this and rate it.

  • @BronzeByte said: Grab a .info from namecheap for $4 and get SSL for $2 extra :P

    I will do that, thanks!

  • @ztec said: They won't but bloggers who review your site will check this and rate it.

    Actually, no. If you plan on selling things and at a large scale - I can tell you that corporates and larger organizations with proxy servers and other network configurations BLOCK ALL SSL besides a selected few e.g. Thawte. Not self promoting. Only Thawte works at a few places I've worked at as it's the only one whitelisted.

    Just a FYI.

    Internap VPS, Web Hosting and more - Cloud Shards | Need a VPS Upgrade?
    Query Foundry, LLC AS62638
  • @concerto49 said: Actually, no. If you plan on selling things and at a large scale - I can tell you that corporates and larger organizations with proxy servers and other network configurations BLOCK ALL SSL besides a selected few e.g. Thawte. Not self promoting. Only Thawte works at a few places I've worked at as it's the only one whitelisted. Just a FYI.

    About which country are we talking?

    Are you suggesting that I should use Thawte or no SSL at all?

    Also bloggers don't tend to be behind huge corporate/organizations network configurations.

  • I always thought SSL is just some indication that you can afford to spend $20 to cause a padlock to appear on visitors' browsers.

  • @gubbyte said: I always thought SSL is just some indication that you can afford to spend $20 to cause a padlock to appear on visitors' browsers.

    I totally agree, it's on client's request but I agree with him on a marketing point of view.

Sign In or Register to comment.