• As we continue moving the community to new software, you may experience bugs, see things out of place or missing. While the forum is ready for posting, it may take at least a few days before things are ironed out and look properly updated. If you experience any issue(s), please let us know.

Which is best SSL certificate ?

easyhostmedia

Well-known member
I would say Let's encrypt ssl certificate is good. Reason being it is open source and is absolutely free. It is compatible with major browsers.
Why pay when you are getting SSL for Free with same features.

you dont get the same with free SSL as these offer no validation
 

linuxse

New member
I personally prefers Comodo's free equivalent but Let's Encrypt should "perform" just as well. Just that I prefer Comodo's over them as I believe people understands them better over Let's Encrypt so it probably slightly easier to sell with it.


Comodos is best but if you want to use it on a server for customers you can only have 100 clients were as the Lets Encrypt is unlimited. :shaky:
 

linuxse

New member
If you use cPanel then their AutoSSL is supplied by Comodo which you can use on all accounts you have on your server no matter how many you have.

Like all SSL you can only use 1 SSL per 1 domain

https://ssl.comodo.com/free-ssl-certificate


No thats not correct you can only have a maximum of 100 accounts with Comodo & cPanel on my Servers I I run WHM latest version CloudLinux it will only allow me 100 accounts/Domains

Domain and rate limits

The AutoSSL feature includes the following limitations and conditions:

- It can secure a maximum of 200 domains per host.
- It will only include domains and subdomains that pass a Domain Control Validation (DCV) test, which proves ownership of the domain.
- It will not attempt to replace pre-existing valid certificates that expire in more than three days.
- It will replace certificates with overly-weak security settings (for example, RSA modulus of 512-bit or less).
- It includes corresponding www. domains for each domain and subdomain in the certificate, and those www. domains count towards any domain or rate limits.

For example, if your domain is mydomain.com, AutoSSL will automatically include www.mydomain.com in the certificate.
If the corresponding www. domain does not pass a DCV test, AutoSSL will not attempt to secure that www. domain.
- It does not secure proxy subdomains or wildcard domains.
- If a virtual host contains more than the limit of domain names, AutoSSL uses the following conditions to determine the priority of domains to secure:
 
Last edited:

easyhostmedia

Well-known member
No thats not correct you can only have a maximum of 100 accounts with Comodo & cPanel on my Servers I I run WHM latest version CloudLinux it will only allow me 100 accounts/Domains

Domain and rate limits

The AutoSSL feature includes the following limitations and conditions:

- It can secure a maximum of 200 domains per host.
- It will only include domains and subdomains that pass a Domain Control Validation (DCV) test, which proves ownership of the domain.
- It will not attempt to replace pre-existing valid certificates that expire in more than three days.
- It will replace certificates with overly-weak security settings (for example, RSA modulus of 512-bit or less).
- It includes corresponding www. domains for each domain and subdomain in the certificate, and those www. domains count towards any domain or rate limits.

For example, if your domain is mydomain.com, AutoSSL will automatically include www.mydomain.com in the certificate.
If the corresponding www. domain does not pass a DCV test, AutoSSL will not attempt to secure that www. domain.
- It does not secure proxy subdomains or wildcard domains.
- If a virtual host contains more than the limit of domain names, AutoSSL uses the following conditions to determine the priority of domains to secure:

https://forums.cpanel.net/threads/autossl-and-domain-limits.590515/
Certificates that cPanel, Inc. provides through AutoSSL can secure a maximum of 200 domains per website (Apache virtual host). Certificates that Let's Encrypt™ provides can secure a maximum of 100 domains per website.

when i was hosting i had over 500 accounts on my server and about 300 all had SSL through Autossl, maybe they changed this when they changed their pricing structure
 

linuxse

New member
https://forums.cpanel.net/threads/autossl-and-domain-limits.590515/
Certificates that cPanel, Inc. provides through AutoSSL can secure a maximum of 200 domains per website (Apache virtual host). Certificates that Let's Encrypt™ provides can secure a maximum of 100 domains per website.

when i was hosting i had over 500 accounts on my server and about 300 all had SSL through Autossl, maybe they changed this when they changed their pricing structure


A website is a domain you get one certificate per server and have a max of 200 domains/websites
 

easyhostmedia

Well-known member
A website is a domain you get one certificate per server and have a max of 200 domains/websites

a server is not a domain as server run on IP address with a hostname attached to the servers IP address.

I always tried to discourage my clients from using free SSL certs as if you are running a business and cant afford $10 a year for a paid SSL then you should not be running a business
 
Last edited by a moderator:

izumi777

Member
It all depends what you want it for.

Personal websites and blogs then i would say a free SSL from Letsencrypt etc. will do.

A charity or community group website or a website that does not provide a sales platform then i would say a DV SSL certificate (Comodo positive, RapidSSl) will do.

An ecommerce website or a site that takes personal details then i suggest you use an OV or EV SSL certificate

I agree with this answer. There is no best SSL. It totally depends on the type of website.
 

ServageOne

New member
Depends on the use. We provide both paid SSL (runs for one year) and freeLet's Encrypt SSL (needs to be renewed quarterly). Post what exactly you want to host and what data will be transferred. It is easier then to give a clear answer.
 

easyhostmedia

Well-known member
I still don't see how the average person will know if its free or not. Even I can't tell just from looking at it if its free or not.

With a free SSL you Don’t get an SSL badge or validity checks. if you are running a commercial website and can’t or won’t purchase an SSL then you have no business sense and don’t care about securing customers details.
Clicking on the padlock will tell anyone who issued the SSL and from that info it is easy to find if it’s free or paid.
All free SSLs do is make it far easier for fraudsters to dupe people into thinking they are on a genuine website and parting with their money.
 
With a free SSL you Don’t get an SSL badge or validity checks. if you are running a commercial website and can’t or won’t purchase an SSL then you have no business sense and don’t care about securing customers details.
Clicking on the padlock will tell anyone who issued the SSL and from that info it is easy to find if it’s free or paid.
All free SSLs do is make it far easier for fraudsters to dupe people into thinking they are on a genuine website and parting with their money.

You made me start thinking and doing some research. Maybe I should get a paid for SSL certificate. So I clicked on PowerSSL in your signature.
 

easyhostmedia

Well-known member
You made me start thinking and doing some research. Maybe I should get a paid for SSL certificate. So I clicked on PowerSSL in your signature.

The issue is my domain powerssl.co.uk is on my server, but is points via A record to a white label storefront from The SSL Store, so SSL cert issued to the domain through CSR on my server fails as the actual website is not on my server, so everything has to go to The SSL Store Techs to correct this.
 

SenseiSteve

HD Moderator
Staff member
I would venture to guess that 99.9% of consumers never research SSL certificates of the sites they frequent. I don't see this as affecting conversions in any appreciable fashion.
 

easyhostmedia

Well-known member
I would venture to guess that 99.9% of consumers never research SSL certificates of the sites they frequent. I don't see this as affecting conversions in any appreciable fashion.

paid is always better than free, but if the OP is asking which type of SSL is best

DV
OV
EV

well this would depend on 2 factors

1) What is your website about (blog,commercial, ecommerce etc.)
2) How deep is your pocket as prices range for $10 to a few hundred dollars
 

Artashes

Administrator
Staff member
I would venture to guess that 99.9% of consumers never research SSL certificates of the sites they frequent. I don't see this as affecting conversions in any appreciable fashion.

In respect to the total volume of web traffic passing through, I'd say it's probably closer to 99.999999999999%. :)

0.01% of people looking into it is a colossal amount of people even thinking about it, much less researching.
 

Terrum

Member
I use Let's Encrypt and I haven't really noticed any issues in comparison to paid SSL certificates, not sure if paid certificates are now just slowly becoming a dying format or if they actually do offer any better encryption. Only time will tell :)
 

easyhostmedia

Well-known member
I use Let's Encrypt and I haven't really noticed any issues in comparison to paid SSL certificates, not sure if paid certificates are now just slowly becoming a dying format or if they actually do offer any better encryption. Only time will tell :)

Let's Encrypt is a basic DV cert without any validation and renewed every 90 days

Paid SSL certs are DV, OV, EV and offer validation and other security processes.

It is always best to pay for an SSL if you have a commercial website
 

budgetvm

New member
Hello,

Letsencrypt free SSL is good one. I think most of the normal clients prefer to have free SSL now which is secure and they dont have to spend on it.
 
Top