Any web site that exchanges personal information with the site users, such as an e-Commerce site, places themselves and their site users at risk of being hacked unless they use the Secured Socket Layer (SSL). SSL enables a secured, encrypted, connection between your web server and the user’s browser.
SSL also requires an SSL certificate, which is purchased from Certificate Authorities who are in the business of verifying the identities of web site operators.
Given the environment we are dealing with, an internet populated by hackers and infested with malware and exploits, the costs of SSL certificates are well worth it. However, if you operate many sites that require SSL the costs can addup. Since Certificate Authorities charge per year, the costs will only accumulate over time.
How can you save money on SSL Certificates?
Consider the level of site verification that you need
When you purchase an SSL certificate you can choose between basic “Domain Validated” Certificates and Enhanced Verification (EV) certificates.
Both types are “signed” by a third party Certificate Authority. This means that a site visitor’s browser receives information required to check with the third party Certificate Authority and verify that the message was sent from the actual site owner.
However, the Domain Validated certificates only verify that the site is owned by the sender of the certificate. They do not consider the other factors such as the integrity and reliability of the site owner. The Certificate Authorities go through a much more rigorous verification process to ensure that the site visitor is not dealing with a dangerous situation.
Now, you know that you are reliable and on the level so you might want to save some money and go with the cheaper basic certificates. However, there are hacking techniques that can compromise Domain Name Servers to obtain fake Domain Validated certificates and redirect users to another site.
In addition, consider that that the point of these certificates is to assure the site user. Consider the value the EV certificates have in building customer trust and confidence. How do you put a price tag on that?
If your site is important to your business and accessible through the public internet you should go for the SSL certificates that offer the highest level of verification.
One of the benefits of the internet is that it is very easy to comparison shop. If you do, you will find that the price of SSL certificates vary widely. The oldest and largest Certificate Authority, VeriSign, is relatively expensive.
Many other Certificate Authorities offer comparable certificates at lower prices. Verisign SSL certificates start at over $200 while there are comparable certificates available for under $50.
Consider Long Term Discount Plans
Certificate Authorities will discount the annual cost if you sign-up for multiple years. If you are a “going concern” this option could save you some money.
Do you have sub domains?
If your web sites need SSL for sub domains you can save money with a Wildcard SSL. One wildcard SSL can be purchased that will cover a site and all its sub sites.
For example, you can apply one wildcard SSL that covers peanutbutter.com, crunchy.peanutbutter.com and smooth.peanutbutter.com.
Do you have multiple domains and host names?
Unified Communications (UC) SSL certificate can be applied to multiple domains and host names. A single UC SSL certificate can be used for a primary domain and up to 99 alternate names. For example, Microsoft Exchange and Microsoft Live servers operators find they can save a lot of money with UC SSL Certificates.
Isn’t free the best price?
You may notice that there are free SSL Certificates available. These are tempting because they offer the same secured, encrypted communication provided by other Certificates.
What’s the catch? There is one of two possibilities.
Either it is being offered for a limited trial period or it is an “unsigned SSL Certificate”.
You can always go with a trial offer without harm, but you need to be looking at your long term solution.
However, beware of the unsigned SSL Certificate. If used in the wrong situation they can be penny wise and very pound foolish.
Unsigned SSL Certificates do not do the third party verification. They still leave the site visitor open to some scams where hackers trick users into thinking they are connected to one site and they are actually communicating with another
Unsigned SSL Certificates, like Domain Verified Certificates are best deployed on internal, intranet sites. They are great for test labs and sites inside your corporate firewall, but if you are dealing with the public on the web the risks are too great.