New on LowEndTalk? Please Register and read our Community Rules.
SSL Question
Can someone explain what's the difference between different SSL Certificate Companies? I"m not talking about SSL vs EV SSL.
I'm talking about the difference between a PositiveSSL Cert vs AlphaSSL Cert or other SSL Certs.
As far as I know if they provide teh same bits of protection there is not much difference besides brand. So what's the big deal?
Comments
This situation is similar to domain providers. They all register domains in place of yourself for a fee. The difference is how they provide this service, the price, the reputation, etc.
It would be best to compare the exact offerings between certificate companies. For example, domain validated, 256-bit, single named certificate. Look at things like reissue policy, price, insurance (incase the CA makes a mistake), etc.
There is no real difference of the product - since SSL is standardized.
I was under the impression that these are the same just provided by different companies I believe PositiveSSL is GlobalSign?
When I took a look they had the same encryption.
What's gets me is the huge difference in price, for arguements sake say Positive is $120 a year but you can buy that brand that exact same certificate from say LowEndCerts (made up) for $4.70 a year.. It makes no sense to me.
@Bella ultimately the certificates provide the same level of encryption and cover the same things.
The only difference is the CA (Certificate Authority). For instance some browsers won't recognise AlphaSSL as a CA although all web servers now allow you to install the intermediate certificates that get around this.
It seems to be upmarket to have a certificate from Verisign, but in fact they are all equal and nobody cares about it.
Well, I do agree that this is weird. In the end, though, resellers still help cert companies, because the latter make a profit no matter what type of certs (expensive/cheap) they're selling.
Cert companies obviously have an enormous margin when they directly sell expensive certificates to customers (e.g. RapidSSL, GlobalSign, VeriSign), and high-profile customers, including most huge businesses, will always go towards them to have a cert from a "well-known" cert company.
On the other hand, businesses aren't the only entities to require SSL certificates. Cert companies therefore have different low-end branches (e.g. PositiveSSL, AlphaSSL) that will often end up reselling to other companies. In that case, SSL certs are much cheaper when sold by the reseller, but keep in mind that the cert company up above still makes a profit.
SSL companies = free money printer