faizan1997
New member
Yes I totally agree with you Comodo's is the best one to understand and to get information over lets encrypt SSL certificates.
Which is best SSL certificate ?
- Thread starter KaenW
- Start date
Yes I totally agree with you Comodo's is the best one to understand and to get information over lets encrypt SSL certificates.
In my mind, an SSL certificate does 2 things.
1. Encrypts traffic between client and server
2. Ensures you are talking to the correct person
On point 1. Assuming that it's the same type of certificate (RSA for example) and a set number of bits, then all certificates are equal. (I prefer Elliptic Curve certs, rather than RSA, as they take more effort upfront to produce, but need less effort to use).
On point 2. Yes, some purchased certificates go to more effort to Ensure the person purchasing in the person that they say they are. But these are long-lived certificates. If your cert is compromised, it's compromised for a long time (or until you notice). Most people don't notice when they've been hacked, especially if the hack doesn't deface their site.
The shorter-lived certificates alleviate this issue.
I think free and automated certificates have won for all but really established e-commerce sites.
For the big names to get back their market share, they need to help the community out with example code to automated their certificate rotation.
The delays in getting a "good certificate" are unnecessary, and that's why I no longer have them on my personal sites.
1. Encrypts traffic between client and server
2. Ensures you are talking to the correct person
On point 1. Assuming that it's the same type of certificate (RSA for example) and a set number of bits, then all certificates are equal. (I prefer Elliptic Curve certs, rather than RSA, as they take more effort upfront to produce, but need less effort to use).
On point 2. Yes, some purchased certificates go to more effort to Ensure the person purchasing in the person that they say they are. But these are long-lived certificates. If your cert is compromised, it's compromised for a long time (or until you notice). Most people don't notice when they've been hacked, especially if the hack doesn't deface their site.
The shorter-lived certificates alleviate this issue.
I think free and automated certificates have won for all but really established e-commerce sites.
For the big names to get back their market share, they need to help the community out with example code to automated their certificate rotation.
The delays in getting a "good certificate" are unnecessary, and that's why I no longer have them on my personal sites.
createcraig
New member
Let's Encrypt works great and is free.
But if you have a recent version of cPanel, you have access to AutoSSL and free SSL certificates automatically generated by cPanel (usually using Sectigo).
It's really easy to put free SSL on your website, and I would only purchase a paid SSL for an Extended Validation certificate Organization Validation certificate. This would give you that green padlock, and is probably only necessary for a very large organization such as a a charity, a large bank, or a large company like Facebook, etc.
But if you have a recent version of cPanel, you have access to AutoSSL and free SSL certificates automatically generated by cPanel (usually using Sectigo).
It's really easy to put free SSL on your website, and I would only purchase a paid SSL for an Extended Validation certificate Organization Validation certificate. This would give you that green padlock, and is probably only necessary for a very large organization such as a a charity, a large bank, or a large company like Facebook, etc.
-
HostingDiscussion
A community for web hosting professionals and enthusiasts, since 2002.
