Recently I need to look around for purchasing a SSL certificate for my web server APIs. since I have not done this in past. I started looking around.
What I found
- There is quite a few certificate authorities and quite a few reseller who offer good discounts over and above the CA price.
- There is a choice needs to be made between kind of SSL certificate – 1) EV certificate 2) Standard certificate 3) Wildcard SSL. In layman terms, EV is considered more secure; shows green bar in the browser; other certificate only show a lock Wildcard certificate can be used for many subdomains; example: api.example.com, anothersubdomain.example.com etc; also cost more than standard; standard can be used only for a subdomain; root and www domain both can be protected by one standard certificate.
- Bare min Standard SSL Certificate costing as much as typical year worth of shared hosting; sort of starts at USD 49.
- Cost variance from multiple CA is significant. Range goes from USD 49-1000.
- Reseller discounts also have good range. Cost price from resellers range from USD 13-500.
- Since the money involved mattered to me, the decision mattered. Time will tell whether the decision made is right one. I will write again about it.
- A certificate is a certificate whether it comes from CA1 or CA2. I need to just avoid bottom of the list of CAs. Save cost.
- Green bar in browser does not matter when making a choice for web server apis. I just need a certificate. Ruled out purchasing EV at higher cost.
- Sometimes securing different subdomains with different certificate is required since they need different level of security. for example – it is good to keep certificate for signup apis and other apis separate.
- It is good to start with spending less. Put more money as needed.
- Based on 4 and 5 – I ruled out wild card SSL.
- sslshopper in my case gave good deal for standard ssl from godaddy.
- Decided to go with standard ssl from go daddy. sslshopper link redirected to godaddy. interesting thing is only after adding to cart the discounted price shows up. Prior to that, go daddy standard price shows up.
- go daddy worked better since it charged in local INR currency. I probably got the best price. INR 338 after discount.
It took over 1.5 days to get to understand what is required, and making the purchase.
Did you need to go through similar requirements? What worked best for you? Share your comments.
Update after a year: auto renewal from godaddy for the SSL charged USD 69.99 on my card. There are two issues: 1. payment mode changed to USD from INR 2. renewal value is 10+ times the original purchase amount. I have to call support and cancel the certificate since they could not address both the issues. It is good to keep auto-renewal off and manually find a good deal for renewal. I have to yet figure out – another purchase of the SSL.