Should I go for dedicated SSL or free shared SSL? What's the deal?

[Blue]

On a different note - SSL Certificates or shopping carts with HTTPS mode does not necessarily mean "secure", it just means the transmission of data is encrypted. If the shopping cart or form is just emailing that information in plain text which can be intercepted, the SSL transaction didn't mean a lick!

This is my point.
The only people who really benefit from SSL are the people who sell the certificates.
The reason there is a perception that it's safer is because these companies want people to think that is the case.

They are no safer.
Anyone can sign up for an SSL Cert.
The verification is a joke.

 

[csn-uk]

This is my point.
The only people who really benefit from SSL are the people who sell the certificates.
The reason there is a perception that it's safer is because these companies want people to think that is the case.

They are no safer.
Anyone can sign up for an SSL Cert.
The verification is a joke.

I would agree that certification is somewhat of a scam, and yes again I would agree that the verification used to ensure that the site is "who they say they are" is pretty lax but it does provide security against phishing (to a degree).

However the key point in all this, is that the best plans of any security consultant, technician or expect can be laid to waste over even simple things and only the combination of security techniques can provide adequate defence - by which I mean specifically the more potential obstacles the more difficult the task of breaking a system.

the following example could be a perfect illustration of that:

Company A: has a standard hosting setup with an industry standard billing, server configuration and a VeriSign or COMODO certificate.

Customer B: orders 3 shared hosting packages from Company A, shortly after ordering these packages Customer B submits a ticket stating his account has been compromised.

Company A: then issues an entire security audit ranging from staff checks, system checks through to software, firewalls.. you name it... Company A returns no known or potential areas for concern.

Company A is then informed by Customer B that their computer had been infected by a virus, resulting in all keyboard input being logged.

The example above illustrates that there are only best practices and security is a two way scenario, SSL simply ensures no one is listening to the communication between the user and the server, meaning that even a virus can mitigate its effects, even secret answers to retrieve a password or form data in a CMS are all threats... all a developer can do is try to plug the holes. For £15/year wouldent you want to plug the holes and show the user the fact you are doing so? similarly, why do you have antiviral software? - ( for the fun of it ?)

 

[SmileServe]

Shared is fine for personal projects or testing. Dedicated is necessary for business plus it's cheap and easy to obtain.

 

[Jgwynne]

You should have dedicated SSL and a dedicated ip

shared SSL is where more than one person share's the same SSL certificate (which mean's sharing the same domain name) you either get a folder for example myssldomain.com/yourspace or a subdomain example yourspace.myssldomain.com

with a dedicated SSL and an ip you get to use your domain name and it's your SSL certificate

joe

 

[easyhostmedia]

I have never believed in providing shared SSL to clients and have never provided shared SSL in my 11 years as a web host until this year when several clients asked about shared SSL, so i set one up and its working great. i still have some clients who have ded IPs and SSL certs.

 

[keshavmhin23]

I have two questions about SSL certificates that I'm hoping you guys will share your experience and thoughts on.

Question 1:
How important is it to have your own dedicated SSL certificate vs. using the free shared SSL certificate? Have any of you guys noticed a loss in customers or orders or any negative side effects at all from using the free shared SSL certificate?

Question 2:
What are some good places to buy SSL certificates and what's a fair price? I've contacted Verisign and their prices are beyond my budget.

Thanks.

P.S. My apologies if these questions have been asked and answered before.

Hello,
1. Shared ssl is never recommended for an eCommerce website reason being is customers are generally not aware of the thing that Shared ssl also provide same level of encryption as dedicated ssl provide and thus with the RED Color warning message in google chrome they can be misguided and can quit before checkout.

However if you do have internal cpanel url or webmail url for your own organization then shared ssl can be used there in .

2. One of good cheap ssl service provider i know is https://www.thesslstore.com/

I hope this shall help you.

 

[paul-ukwsd]

We provide shared SSL free but personally as a consumer, I wouldn't make a purchase from an online store that didn't have it's own SSL.

 

[easyhostmedia]

We provide shared SSL free but personally as a consumer, I wouldn't make a purchase from an online store that didn't have it's own SSL.

Also using a Shared SSL in an online sales situation does not look professional.

you go to the effort and expense to design/setup and stock a website , but cant afford and extra $2 a month for a dedicated IP and $10 a year for a Dedicated SSL.

but as a host you can only provide your clients with what they want