As you've probably seen, SSL certs come in a variety of types and flavours.

For your purposes, a relatively standard SSL certificate would suffice ; you don't need an Extended Validation certificate, unless you think there is benefit to the little green bar and higher level of trust from users. EV certificates are typically much more expensive and require a longer turnaround time - you will likely need to supply documentation planning you/your business are legit.

My only recommendation would be to get a wildcard certificate ; this covers both yourdomain.com, but also any subdomains you attach to it - which will help if you decide to use login.yourdomain.com, or mail.yourdomain.com, etc.

I've purchased certificates from Gandi and Comodo. Gandi were straightforward (I also use them for domains and some hosting), Comodo were fine but a bit more difficult to deal with.
posted by sektah at 10:36 AM on August 3, 2013

Safe from what?
posted by humboldt32 at 10:43 AM on August 3, 2013

If it's not an e-commerce site I don't know why you would need a certificate at all.
posted by cjorgensen at 10:51 AM on August 3, 2013

Just because a site isn't an ecommerce site doesn't mean that people want their username/password sent over the internet in plain text.

Rapid SSL are okay. The difference in certificate providers is how widely they are trusted. Some of the cheaper certs don't have their root certificates in all browsers. This means visitors see an error message when they arrive.
posted by aychedee at 11:20 AM on August 3, 2013 [2 favorites]

SSL certs are sold like mattresses: a flurry of different names to describe very similar things. The biggest differences are root-cert browser support, as aychedee says, and the amount of verification that's done by the issuer when applying.

Unless you think you'll need a wildcard for multiple subdomains, I'd go with a cheapo <$10 domain-verified cert from Namecheap's various third-party offerings. Comodo definitely has a few more hoops to leap through.

You'll also need to check with your hosting provider on whether you can get a separate IP for SSL, or whether it uses SNI for multiple SSL sites on the same IP, which is supported by most modern browser/OS combos, but not by any browser using Windows XP.
posted by holgate at 11:31 AM on August 3, 2013

I really like Digicert. They have great support.
posted by mkim at 12:40 PM on August 3, 2013

RapidSSL is the cheapest source that I know of that has worked on every device I have tested as a client. Every lesser one I have tried or seen in use doesn't work with one or more of the test devices I can scrounge up from coworkers and friends whenever I reconsider SSL certs (which has been yearly for the past five years).
posted by fief at 10:08 PM on August 3, 2013

I buy from CheapSSLs.com but I think they are the same company as NameCheap mentioned above. I don't think you need a sophisticated SSL unless you are hosting very sensitive information. As long as people see https, that's all they generally care about. The only thing to consider would indeed be whether you need wildcard.
posted by Dansaman at 1:07 AM on August 4, 2013

This thread is closed to new comments.