Paid SSL vs Free SSL Certificates
The clamour to install SSL Certificates began in late 2016 as it became apparent that Google was starting to favour websites that had Secure Sockets Layer protocols in place.
What is an SSL Certificate?
SSL Certificates are small data files that digitally bind a cryptographic key to an organisation’s details. When installed on a web server, it activates the padlock and the https protocol and allows secure connections from a web server to a browser. Typically, SSL is used to secure credit card transactions, data transfer and logins, and more recently is becoming the norm when browsing social media sites.
Why do I need one?
Users of Google’s Chrome browser may have noticed certain websites being highlighted. Sites that ask for passwords, etc. are given a “Not Secure” label. Going forward Google have plans to roll out this “Not Secure” message across all web pages – not just those that ask for passwords or card details. The eventual plan is to show a red warning triangle so that visitors are clearly warned about sites that aren’t secure. Ultimately there is a strong chance that visitors may leave an unsecured site, which could result in site owners losing online enquiries and ultimately, business.
Soon, the search engine will be penalising urls that don’t have an SSL Certificate by dropping their rankings, meaning SSL-certificated websites will be favoured above those without them in Google searches.
What are my options?
As emphasis on secured sites has increased, so too has the number of options available. Free certificates are available via Cloudflare and LetsEncrypt, paid certificates can be purchased via the Clook website. These range in price from £15 per year (with multi-year discount) for the budget SSL to £350 for a full green bar certificate.
What’s the difference?
My previous article Clook SSL or Cloudflare SSL detailed the key differences between a paid for certificate and a free one. The 3 important factors to consider are:
A free SSL will generally not display the name of the site it covers. A purchased certificate however shows the user the website they are visiting is fully covered.
SSL Certificate Warranty is an insurance for an end user against loss of money when submitting a payment on an SSL-secured site. The basic Alpha SSL provides the end user with upto $1,000 warranty.
Typically free SSL’s are valid from anywhere between 30-90 days. Upon expiry a new certificate will need to be generated to replace one on the site. It is possible to purchase SSLs for upto 2 years and usually with a discount.
The advice I gave earlier this year still stands: A free SSL is a good option if you are looking to quickly secure a site or want a short term option however if you intend to keep your website SSL protected for 12 months or longer a paid certificate is the better option.
In addition, as SSLs become more popular I would not be at all surprised should Google add weight to sites with a premium certificate rather than a free version.