Paid certificate for regular commercial sites. Is there any reason?

Started by Newport, Aug 04, 2022, 07:10 AM

Previous topic - Next topic

NewportTopic starter

Hello!
Friends, such a question. After Comodo banned the Russian Federation for the renewal of its certificates, I am gradually transferring the customer sites in the ru segment to Lets Encrypt with auto-renewal. Everything seems to be good.
And now, more than a month ago, the hoster had the opportunity to order paid certificates from GlobalSign AlphaSSL for a year. I ordered a certificate for a test on one site, as a result, verification came only a month later. Slowly, but okay, the certificate connected successfully.

Question. But still, does it make sense to connect a paid certificate, or is free ssl more than enough for ordinary commercial sites, without financial transactions, etc.?
Or there might be problems with auto-renewal every 3 months, impact on seo, or some other pitfalls???
  •  
    The following users thanked this post: Sevad

-DM-

In 99.99% of cases, a free certificate is more than enough: neither users nor search engines will feel the difference between AlphaSSL and Lets Encrypt.

Noticed nuances:

- The certificate from Alpha SSL necessarily includes the www subdomain and cannot be refused. It's stressing me out.
- To get a certificate from Lets Encrypt, you need to install certbot on the server and trust it. Getting a certificate without a working site is difficult.
  •  

_AnnA_

Quote from: Newport on Aug 04, 2022, 07:10 AMBut still, does it make sense to connect a paid certificate, or is free ssl more than enough for ordinary commercial sites, without financial transactions, etc.?

There will be no difference. Unless, of course, a lot of money is flowing through the online transactions of a commercial site, and insurance for a million - one and a half is not required.

Quote from: Newport on Aug 04, 2022, 07:10 AMOr there might be problems with auto-renewal every 3 months, impact on seo, or some other pitfalls???

If hosting is with a panel, then it will be renewed itself, glitches rarely occur, they are treated through support. If your server, then as written above.
  •  

NewportTopic starter

Certbot, if necessary, can be installed on a home computer. True, it will be necessary to generate / transfer the certificate every three months with pens.
Well, or on a separate server.

Thank you all, accepted!
  •  

atocloud

SSL certificates cost from $10 to $200 per year. However, they provide a decent level of protection.
Paid certificates have more difficult keys to decrypt, since they are longer. In addition, the product comes with insurance — in case of hаcking, the domain owner will receive guaranteed compensation.
There is no need to worry about the reissue of the certificate, it will be updated once a year. There will be no incompatibility with browsers — almost every one of them is ready to work with paid certificates. Therefore, users have nothing to fear. We can say that this product even helps to promote the site, because there are much fewer failures when using it.

The domain owner does not need to solve problems with the renewal of the certificate, the supplier company will take care of it. It will be easy for him to figure out many issues on his own, since there are many instructions in Russian for paid SSL certificates.
Of the disadvantages of the product, we can only highlight the fact that it is paid and is not always issued quickly. It all depends on the type of certificate.
For example, an EV (Extended Validation) SSL certificate can be issued for more than five days due to the verification of documents confirming the activities of the organization.
  •  

Guess jr.

Paid high level certificate is just a matter of prestige. For serious banks, large corporations. Yes, it provides insurance, in case of hаcking, within certain amounts. But the vast majority of users do not need it.
That is why there is such a widespread free certificates, which are provided by the hoster. Hoster they do not cost anything, if you use certain software are updated without the participation of the user - convenient, right? And that's what attracts customers to hosting.
Lets encrypt and inexpensive certificates for online stores - that's what you need.
  •  

Garamas

What do you want, money or safety? If it's the second - of course. It doesnt cost a lot and provides your site (which is DESIGNED for commercial buisness) with a better security.
  •  

Hanna-banana23

Free certificates are easier to crаck, it's hard to say about positions from the point of view of SEO. If the site makes payments or stores user data, it is better, of course, to put a paid inexpensive certificate. Although the situation in Russia is very unstable now, many services stop working, here you need to carefully approach the choice.
  •