You may have recently read that free SSL certificates are being offered by different companies to customers all over the web. One goal of offers like these is to make HTTPS easier to use and affordable for anyone.
At Namecheap, we’re always glad to see increased data safety and web security promoted and encouraged – it’s a positive development for everyone.
However, no matter how attractive the prospect of free SSLs may seem, there are still plenty of very serious factors to consider when comparing free SSLs with those from trusted providers.
In this article, we’ll cover the crucial points which show that a paid cert is the better choice.
Unlike trusted Certification Authorities, free SSL providers offer only certificates with the basic validation of domain ownership. Therefore, it’s not possible to get a Business Validation SSL or the “green bar”, the visual cue which indicates the highest level of trust for the website.
Moreover, with paid Domain Validated (DV) SSLs, the Certification Authority performs a validation check every time you use a credit card for online purchase, and before the purchase is authorized. Free CAs do not perform this basic validation check, leaving your sensitive payment information unencrypted and visible to whoever runs the site. Are you certain you can trust them?
Imagine you’ve made a payment on a website secured by a free SSL, only to later become a victim of fraud through that same site. With paid SSLs, you can report the issue to the Certificate Authority and your purchase will be covered under their warrantee. No such protection is offered with a Free SSL.
Any time Namecheap receives a report of abusive activity on secured websites, we work with the CAs to investigate the issue. This brings us to the next reason a paid SSL is the better choice.
2. Customer Support
Here at Namecheap, we do our best to provide the most complete and efficient support for our customers. We’re available every day of the year – 24 hours a day, 7 days a week. We’re ready to help you with any issue you might face in setting up a secure connection, from offering advice which SSL type to choose, to giving step-by-step instructions on installing your cert on the server.
On the other hand, free SSL issuers provide limited or no customer service at all. If there’s an issue with installation or a delay in receiving your cert, the issue is not likely to be resolved in a timely manner. Once again, these free SSLs don’t come with warranties or Service Level Agreements.
Currently, you can get a paid certificate for 1 or 2 years of validity. This means you only need to take one day a year (or less, with longer plans) to set up your SSL, and then forget about it. Your business will run smoothly without interruption and your data will stay secure for a good long time before you need to worry about renewing your certificate.
Free SSLs? Not so easy. You might need to renew these certs within a much shorter period of time; becoming just one more unnecessary item on your to-do list and trouble for your website if you forget to renew. Even using automation as a workaround, SSL renewal shouldn’t be something you worry about more often than you visit your dentist, should it?
The majority of paid SSL issuers provide Wildcard certificates, making it easier to work with subdomains. If you have a lot of subdomains, managing them all through the same SSL definitely beats activating, validating, and installing a single SSL for every one of your customers.
Wildcard certificates secure all the subdomains of the same level per domain. All the subdomains are included by default – you only need to install the same cert on the required server when a new subdomain is created.
Most Free SSL providers support only single and multi-domain certificates. With multi-domain certificate, you’ll need to add every single subdomain to the SSL manually and reissue it every time you have a new subdomain to secure.
5. Hosting package and server compatibility
One of the main benefits of paid certificates is that they can be used on shared hosting packages as well as on self-managed and dedicated servers. Most hosting providers provide full SSL installation service for shared hosting users, so the whole process of SSL setting up is quite simple.
Some free SSLs may provide no opportunity for use with a shared hosting package: one should have root access to the server to be able to install the cert. Moreover, there is a chance that the script for free certs installation overwrites server configuration, so it is crucial for you to have profound technical knowledge to avoid issues with your resource.
Also keep in mind that scripts for automatic free SSLs are not compatible with Microsoft-based servers like IIS and Exchange until the cert is originally created on a Linux-based system. Paid certs are compatible with nearly any server.
One more drawback of using a free SSL is that you may discover that it can only be installed on one server. If your website is hosted on multiple servers, you may not be able to install the SSL on all of them. On the other hand, even most of basic Domain Validation certs from trusted CAs can be installed on the unlimited number of machines.
In the end, free SSL certs are a great choice for personal blogs and other basic sites that don’t conduct financial transactions or collect sensitive data. However, e-commerce organizations, sites that gather customer data, and companies that value their reputation of protection and trustworthiness should use OV or EV SSLs only from known and trusted CAs. The levels of encryption, validation, and authentication that these websites require can only be provided by these validated, top-level products.