When I used an SSLprovider a long while ago, I went for Thawte as they were much cheaper. I believe that they are now owned by Verisign and if they are still cheaper then I don't think Verisign is worth extra.
I did a quick check on Google and you might want to look at this link for a range of products, and there's some interesting (I think!) info here
| [reply] |
Excellent Links! Thanks! :)
I was actually thinking just a few hours ago about why a very low cost CA hadn't been setup using an open group approach. Does anyone have any experience with FreeSSL? 128-bit certificates for $35 that are compatible with 96% of browsers sounds almost too good to be true :)
Thanks again :)
| [reply] |
The problem is that certificates are not just meaningless strings of bytes. You can make one right now, for free, using openssl.
What your paying for is someone actually researching and verifying that you are who your say you are. And that they are willing to vouch for your identity. Your also paying for having their trusted root installed in a variety of SSL implementations, so you don't have to worry about establishing the base trust.
Given Verisign's problems w/ DNS, and a very high-profile case where they accidentally gave out a cert that was identified a non-MS'er as Microsoft Corperation, I'd stay away from them. Thawte, which I believe is still owned in part by verisign, seems to still be managed by themselves.
Outside of Verisign & Thawte, there unfortunatly arn't that many providers that share that wide installed base as them.
| [reply] |
I would personally go with Verisign. That is who I use whenever I need a cert, and have never experienced a problem. | [reply] |
| [reply] |
Yeah, thats what a Verisign cert will cost you. Luckily, I've never bought one with my own money, its always been for my company.
| [reply] |
I've had good luck with InstantSSL. Prices start at $49 and they claim 99.3% browser compatibility. | [reply] |