- How to Create a Self Signed Certificate in IIS 7
- How to Create a Self Signed Certificate using Java Keytool
- The Most Common Java Keytool Keystore Commands
- SSL VPN Servers
- How to use SSL Certificates with Exchange 2007
Top 10 Ways to Save Money on SSL Certificates
Economic recession got you down? Are you looking to save money on SSL Certificates so you have enough money for the power bill? SSL Certificates are expensive little buggers for just being a few Kilobytes of data. We’ve got some great ideas for you to save money on SSL Certificates:
Buy a wildcard certificate
A wildcard certificate allows you to secure an unlimited number of sub-domains on one domain name. If you have 10 sub-domains to secure you could pay $2000 (at $200 each) using single name certificates or just $500 for one wildcard certificate. Learn more about the pros and cons of using wildcards and compare the best wildcard certificates.
Buy certificates for more than one year
Nearly every certificate authority offers discounts for certificates that are valid for more than a year. Some, like GoDaddy, even offer certificates for as long as 10 years. Getting certificates for multiple years saves money in more ways than one: you don’t have to spend time ordering and installing the new certificates every year. This can save you a lot of headache as well as moolah.
Buy certificates in bulk
Many SSL providers offer discounts for organizations that order many certificates at a time. VeriSign offers a 5%+ discount is you buy four or more normal certificates.
Buy from a different Certificate Authority
You shouldn’t be surprised to know you can get a certificate from a different provider that functions exactly the same as one from a much more expensive provider. Use our SSL Certificate Wizard to compare SSL certificate features and SSL provider ratings.
Don’t buy SGC certificates
SGC (Server Gated Cryptography) certificates allow a fraction of a percent of your users, if any, to have 128-bit connection to your site instead of being blocked. These are users who use very old, vulnerable browsers like Internet Explorer 5.01. Not only do SGC certificates cost more, but they give you very little benefit and promote the usage of old browsers. Do your visitors a favor and make them upgrade their browser so they can be secure in more ways than just encryption. Learn more about SGC Certificates.
Get domain-validated certificates, where possible
A domain-validated certificate is an SSL certificate that only includes your domain and not your organization name. More importantly, the provider that issues the certificate doesn’t do any verification of your company identity. They only verify that you own or have access to the domain name. Because they can be issued almost automatically, they are much cheaper. However, domain-validated certificates offer no assurance to your customers of your identity. Almost any skilled phisher could get a domain-validated certificate. For this reason, you should only use a domain validated certificate on an internal server, or one where the visitors already trust the organization and know they are on the right website. Learn more about domain-validated certificates.
Buy the right kind of certificate
SSL certificates come in many varieties and options. You can waste a lot of money if you buy the wrong kind of certificate for your needs. For example, don’t buy a UC certificate or a wildcard certificate if you only need to secure one name.
Make your own certificates
What better way to save money than to not spend any at all? You can make your own SSL certificates with a few simple commands. These are called self-signed certificates. The catch? They won’t be trusted in any web browsers and will throw a big error message unless you tell each web browser to trust them. This doesn’t work for most companies but it still enables encryption for the visitors who know how to tell the browser to accept the self-signed certificate.
Use a free Certificate Authority
There are some SSL providers who offer free SSL certificates (not just trial certificates). Unfortunately, their root certificates aren’t included in all the web browsers so you face many of the same problems that you would face if you created a self-signed certificate. Also, the certificates aren’t typically as well-known by visitors and you get very little support. The two most well-known free certificate authorities are CAcert and StartCom.
Buy a more expensive certificate
Oh, wait. This one shouldn’t be here. Or should it? Maybe you just need to make more money, instead of saving money. If you buy a more expensive SSL certificate (particularly an EV certificate that enables the green address bar), you may be able to increase your sales which could easily offset the cost of the most expensive certificate. Several studies have concluded that EV certificates have great potential to increase the number of transactions you do on your site.
Bonus tip: Use a trial certificate for testing
A trial SSL certificate is normally only valid for a month or so and sometimes is issued off of an untrusted root certificate. If you just need to get your environment set up and prove that it will work before laying down the cash, then a trial certificate may be the solution. Once you’ve got everything set up, you can buy a real certificate and start using it right away rather than wasting a month of the certificate lifetime in testing your environment.
Hopefully, now you’ll stop wasting your money on SSL certificates and start spending it on more useful things (video games?). Make sure to use our SSL Wizard to find the right certificate at the right price, and check out the SSL Special Deals page to see if there are any current deals.