3

Based on the answers to this question, I'd like to secure my website using SSL. Now there are several types of certificates and I don't know which one to choose.

My application doesn't include any financial transactions or similar, I just want to make the login process secure. Therefore I'm tempted to choose the cheapest certificate I can get, but what I definitely do not want is that the user get's some kind of Browser warning about the certificate being insecure / unknown / whatsoever where he has to click "Trust" or "Continue" to reach my website.

So what is the simplest certificate I can get with the minimum requirement above? Looking at hosting providers, I see features like

  • Validated Domain
  • Validated Organization
  • Validated Owner
  • Extended Validation
  • Different encryption strengths
  • AutoCSR
  • Green Address Bar
  • SGC (Server Gated Cryptography)
  • Security Seal
  • Insurance (don't need that)
  • ...

Thanks in advance, your answers are always a great help!

Community
  • 1
Joe
  • 189
  • 4

3 Answers3

5

Any certificate that you can buy from any reputable vendor will make the browser warning go away on all major browsers. You can even get one for free (with domain-only validation) from www.startcom.org.

dfranke
  • 379
  • 1
  • 7
  • 1
    +1 for startcom. We use them extensively for free certs when we want to go up one step from self-signed. It works well on almost all platforms. We have only encountered problems with some old symbian telephones. – pehrs Nov 11 '10 at 18:17
1

GoDaddy certificates are pretty cheap, and I haven't run into an issue with them not being trusted. You certainly don't need to purchase an extended validation certificate, just a normal web cert will do fine.

CarloBaldini
  • 583
  • 2
  • 8
1

You'll be fine with the cheapest cert you can get. We've used the low end certs from RapidSSL, Thawte and recently AlphaSSL with no problem at all.

flooble
  • 2,364
  • 7
  • 28
  • 32