Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


SSL Question
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

SSL Question

BellaBella Member
edited May 2014 in General

Can someone explain what's the difference between different SSL Certificate Companies? I"m not talking about SSL vs EV SSL.

I'm talking about the difference between a PositiveSSL Cert vs AlphaSSL Cert or other SSL Certs.

As far as I know if they provide teh same bits of protection there is not much difference besides brand. So what's the big deal?

Comments

  • SilvengaSilvenga Member
    edited May 2014

    This situation is similar to domain providers. They all register domains in place of yourself for a fee. The difference is how they provide this service, the price, the reputation, etc.

    It would be best to compare the exact offerings between certificate companies. For example, domain validated, 256-bit, single named certificate. Look at things like reissue policy, price, insurance (incase the CA makes a mistake), etc.

    There is no real difference of the product - since SSL is standardized.

  • ATHKATHK Member

    @Bella said:

    I'm talking about the difference between a PositiveSSL Cert vs AlphaSSL Cert or other SSL Certs.

    I was under the impression that these are the same just provided by different companies I believe PositiveSSL is GlobalSign?

    When I took a look they had the same encryption.

    What's gets me is the huge difference in price, for arguements sake say Positive is $120 a year but you can buy that brand that exact same certificate from say LowEndCerts (made up) for $4.70 a year.. It makes no sense to me.

  • VPNVPN Member

    @Bella ultimately the certificates provide the same level of encryption and cover the same things.

    The only difference is the CA (Certificate Authority). For instance some browsers won't recognise AlphaSSL as a CA although all web servers now allow you to install the intermediate certificates that get around this.

  • It seems to be upmarket to have a certificate from Verisign, but in fact they are all equal and nobody cares about it.

  • iceTwyiceTwy Member
    edited May 2014

    @ATHK said:
    What's gets me is the huge difference in price, for arguements sake say Positive is $120 a year but you can buy that brand that exact same certificate from say LowEndCerts (made up) for $4.70 a year.. It makes no sense to me.

    Well, I do agree that this is weird. In the end, though, resellers still help cert companies, because the latter make a profit no matter what type of certs (expensive/cheap) they're selling.

    Cert companies obviously have an enormous margin when they directly sell expensive certificates to customers (e.g. RapidSSL, GlobalSign, VeriSign), and high-profile customers, including most huge businesses, will always go towards them to have a cert from a "well-known" cert company.

    On the other hand, businesses aren't the only entities to require SSL certificates. Cert companies therefore have different low-end branches (e.g. PositiveSSL, AlphaSSL) that will often end up reselling to other companies. In that case, SSL certs are much cheaper when sold by the reseller, but keep in mind that the cert company up above still makes a profit.

  • namhuynamhuy Member

    SSL companies = free money printer

    Thanked by 1Dylan
Sign In or Register to comment.