Thursday, 26 December 2019

GoGetSSL

GoGetSSL is a company that sells SSL certificates. You know, those things that are required to make your site use https://, not http:// which doesn't feel like an optional choice these days with browsers making sites looks scarily insecure without it and search engines telling us is a ranking factor. I'm talking to developers that generally know this though, and I bet your question is exactly the same as the first question I had:

Why would I pay money for an SSL certificate when I can use Let's Encrypt for free?

So I asked them. This way I could make sure I understand it and then relay that information to you. Turns out, there is a bunch of stuff you get for a buying an SSL certificate from GoGetSSL. One is particularly interesting: they have free certificates too, and you don't have to do fancy command-line stuff to get one, and include customer support and other benefits. So there is that.

Here's a dozen other things they told me.

  1. Paid SSL can use ECC (Elliptic Curve Cryptography, an popular alternative to RSA). All GoGetSSL certificates have ECC included.
  2. Paid SSL has Multi-Domain and Multi-Domain Wildcard SSL certificate which allow protecting up to 250 different wildcard domains with the same certificate.
  3. Let's Encrypt can be painful for some users who don't have knowledge of using the command line and configuring servers.
  4. Paid SSL provides SSL management for you, like letting you know when your certificate is going to expire. Let's Encrypt has automatic 90-day renewals, but it has a volume limit. If someone floods them with new certificates, you may not receive your renewal SSL in time and could potentially leave your site unprotected.
  5. Paid SSL verifies the business organization, which is an extra level of trust for customers. You can actually check the owner of a website within the certificate.
  6. Paid SSL can include an LEI code, which is a cross-check verification for the organization. Let's Encrypt would never have that, as it is a paid feature.
  7. Paid SSL offers a dynamic site seal logo with identity verification.
  8. Paid SSL can protect the public IP address (a very popular product right now).
  9. Paid SSL can have a warranty (the certificate vendor must provide reimbursement for end-users who are charged fraudulently).
  10. Paid SSL has premium customer support.
  11. Paid SSL may issue Code Signing Certificates (assurance that a piece of software is from a particular developer and has not been tampered with). Let's Encrypt does not offer this.
  12. Paid SSL may issue Personal Authentication / S/MIME SSL certificates (like an SSL certificate for email), another thing Let's Encrypt does not offer.

Sound good? Try GoGetSSL for your SSL certificates.

The post GoGetSSL appeared first on CSS-Tricks.



from CSS-Tricks https://ift.tt/2EW1tSY
via IFTTT

No comments:

Post a Comment

Passkeys: What the Heck and Why?

These things called  passkeys  sure are making the rounds these days. They were a main attraction at  W3C TPAC 2022 , gained support in  Saf...