
What's the difference between rapidSSL and geotrust certificates? [closed]

I want to buy a 128-bit SSL certificate for a website selling services. I checked http://www.rapidssl.com/ssl-certificate-products/ssl-certificate.htm and http://www.geotrust.com/ssl/compare-ssl-certificates.html. Why are the prices for QuickSSL (Geotrust, $249) and RapidSSL (rapidSSL, $69) so different? Is there any particular reason for this, or is it just marketing?

RapidSSL says the following:

However it is our opinion that sites conducting more than 50 transactions will require a Professional Level SSL certificate due to the increased likelihood that the website's customers will expect SSL from a highly credible and established SSL provider and well known internationally accepted SSL brand.

(by "professional level SSL" they mean Geotrust certs)

P.S. Will users really pay attention to the SSL issuing authority brand name?

Vitaly Sharovatov asked Oct 01 '08 12:10



2 Answers

The job of the SSL certificate authority (CA)/provider is to validate your organizational identity so that when customers access your web site, they not only get the padlock for security, but they know that your identity as the fully qualified hostname is authentic and not some phishing scam.

True, most all users look no further than the padlock indicating a secure connection to their bank web site, email, etc. However, if any CA were to become compromised, all browsers that trust that CA would be vulnerable, because an attacker could forge a certificate for any domain, including yours. Your choice of certificate provider has no bearing on this. I have yet to hear about this actually happening. MITM attacks are a big deal now with wireless hotspots becoming more and more prevalent.

One more thing is browser compatibility. You would expect that your newly purchased cert be compatible with every modern browser. This is because they are all loaded with a list of root CA certs that trust a select list of SSL certificate authorities. If you buy from a CA that is not on that list, all your client browsers will get a security warning that the site's cert is not trusted. Just double-check that RapidSSL, Geotrust, or whoever you go with is in the list of all the browsers you care about (e.g. for Firefox, it's at Tools/Options/Advanced/Encryption/View Certificates/Authorities tab).

In the end, just get the cheapest one that gives you the level of encryption you want. It'll get the job done. Check with your web host provider. They may have discounts.

spoulson answered Nov 07 '22 09:11


To clarify, both are owned by Geotrust(R). One difference is that Geotrust certificates use the "Geotrust" root, and RapidSSL certificates use the "Equifax" root, which will be shown in the certificate info under "Issued by".

lepe answered Nov 07 '22 10:11
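
The trust-store check from the first answer and the "Issued by" root from the second, as an added example that is not part of either answer: it searches the Python runtime's CA store (which can differ from each browser's own list) for a named root and reads a certificate's issuer. The function names are hypothetical and the sample names are constructed data, not real store contents.

```python
import socket
import ssl

def name_to_dict(rdns):
    """Flatten the nested-tuple X.509 name format used by the ssl module."""
    return {key: value for rdn in rdns for key, value in rdn}

def org_and_label(rdns):
    """(organization, CN or OU) for a subject or issuer name."""
    name = name_to_dict(rdns)
    label = name.get("commonName") or name.get("organizationalUnitName", "")
    return name.get("organizationName", ""), label

def matching_roots(ca_certs, needle):
    """Self-signed trust-store entries whose O or CN/OU contains `needle`."""
    hits = []
    for cert in ca_certs:
        if cert.get("subject") != cert.get("issuer"):
            continue  # not a root: intermediate or cross-signed entry
        org, label = org_and_label(cert["subject"])
        if needle.lower() in f"{org} {label}".lower():
            hits.append((org, label))
    return hits

def issued_by(peer_cert):
    """What a browser shows as 'Issued by' for a server certificate."""
    return org_and_label(peer_cert.get("issuer", ()))

def fetch_peer_cert(host, port=443):
    """Handshake verified against the local trust store; raises if untrusted."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=10) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

# Constructed sample data in get_ca_certs()/getpeercert() format (assumption).
GEO = ((("organizationName", "GeoTrust Inc."),), (("commonName", "GeoTrust Global CA"),))
EQX = ((("organizationName", "Equifax"),),
       (("organizationalUnitName", "Equifax Secure Certificate Authority"),))
MID = ((("organizationName", "GeoTrust Inc."),), (("commonName", "RapidSSL CA"),))
SAMPLE_STORE = [{"subject": GEO, "issuer": GEO}, {"subject": EQX, "issuer": EQX},
                {"subject": MID, "issuer": GEO}]
SAMPLE_LEAF = {"subject": ((("commonName", "shop.example.com"),),), "issuer": EQX}

if __name__ == "__main__":
    # get_ca_certs() lists only CAs already loaded; it can be empty with a capath store.
    store = ssl.create_default_context().get_ca_certs() or SAMPLE_STORE
    for ca in ("GeoTrust", "Equifax"):
        print(ca, "->", matching_roots(store, ca))
    print("Issued by:", issued_by(SAMPLE_LEAF))
```

To inspect a live site, pass the result of `fetch_peer_cert("your.host")` to `issued_by`; the handshake itself fails if the chain does not end in a root the local store trusts.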