I have been thinking to implement SSL to some of my sites because Google everyday forcing us to migrate to SSL. My hosting provider giving free SSL certificates, so is it fine to use them?
I have been thinking to implement SSL to some of my sites because Google everyday forcing us to migrate to SSL. My hosting provider giving free SSL certificates, so is it fine to use them?
Normally it's an annual pay from 50-500$ for SSL depends on what type of certificate, but a free one is my first time to hear. I think it's the least secured certificate then, if you're fine with that then sure you can give it a go.
Thanks for sharing such information.
FreeSSL certificates are not recommended to commercial websites who are working with users from the western countries, who are traditionally serious about their financial security. They all are familiar with brands like Comodo or Symantec. Presence of an SSL certificate from WoSing, StartSSL or even some Polish brand providers on commercial website, in their understanding, gives the same amount of guarantees, as a certificate published by… some unknown guy, who they have met once in the corner store last week.
SSL (Secure Sockets Layer) is the standard encryption technology which establishes a secure connection between a web browser and the server. This ensures that all the data which passed during the connection remains private and encrypted. SSL is used by millions of websites to protect the sensitive information entered by visitors.
Many hosting companies are offering Free SSL Certificates based on Let's Encrypt. And I've been using it for a while now with many of my and my clients websites without complaints.
While you still can purchase SSL Certificates on your own, Let's Encrypt is pretty safe and reliable. So my answer would be it's very okay to go for it as long as it's offered by Let's Encrypt that has been installed and configured on your website server.
I'm not sure what kind of hosting environment you're currently using. If you're on a shred hosting account, your provider should be able to take are about generating and installing the Let's Encrypt SSL Certificate for you. If you're on a VPS or a Dedicated Server, you may need to talk to your IT Manager to get Let's Encrypt configured and ready to use.
Oct 5, 2016 - Let's Encrypt provides an API where you can apply for a certificate and get one. It employs a command line client called Certbot to offer certificates. Just install Certbot on your server, enter a few commands, and you get a free SSL certificate. This is the manual process, and it requires familiarity with a ...
There are few certificate authorities,which issue free certs for a 1 year without any problems. These are WoSing and StartSSL.
What are the risks?
1. FreeSSL certificates are not recommended to commercial websites who are working with users from the western countries, who are traditionally serious about their financial security. They all are familiar with brands like Comodo or Symantec. Presence of an SSL certificate from WoSing, StartSSL or even some Polish brand providers on commercial website, in their understanding, gives the same amount of guarantees, as a certificate published by… some unknown guy, who they have met once in the corner store last week.
2. These certificates do not fit people who need free help with SSL certificate installation. So if something will go wrong you will lose a lot of time (and money) before solving this problem by yourself
3. Popular non-commercial projects, who are super serious about their brand, will unlikely use free certificates. Cause it's like walking in a "Burger King"T-Shirt. I mean it’s absolutely normal and rational, but your audience should think the same way about it as you.
4. In addition, by the start of 2016, StartSSL still no support for national domain names (IDN) top-level domains. Therefore, if you are an extrovert with a domain like «我的博客.中国», then you should cough up and buy at least a cheap Comodo PositiveSSL.
Yes, absolutely no problem. I highly recommend you to install Let's Encrypt SSL certificate for your website. It is sponsored by Google. Here is a simple tutorial for SSL installation. It allows you to install it with a few clicks.
There is some great and easy to use free SSL certificate alernative theses days. With cPanel, you can use cPanel Auto-SSL as well as Let's Encrypt. You can use Let's Encrypt on Plesk as well, on install it on a server with no panel.
There is no problem to use them, they will allow to browse your website without having a warning.
For commercial/transactional website, I would also prefer to use paid signed SSL certificate as it comes with assurance. But I would say it's the primary difference for "regular" SSL.
█ Eric S.
█ GloboTech Communications - Hosting Specialist
█ Dedicated Servers, Managed Servers, Colocation and Advanced Solutions
█ Proudly Canadian - Montreal - In business since 1999 - www.globo.tech
it really depend on how yourself feel. infact free SSL or paid SSL make no different. only paid SSL come with Warranty, but do you think you will be able to be backed by the warranties that pay out anywhere between 10 grand and 1.75 mil?
+ HaBangNET - Stable + Reliable + Powerful + High-Availability - Delivering Stable Hosting Since 2010
+ Multiple Domain Shared Hosting | Reseller Hosting | VPS Hosting | Dedicated Server Hosting
+ Global Web Hosting Services - Go STABLE? Go with HaBangNet!
+ Servers Hosted in China, Mainland | Hong Kong | Singapore | Australia | United States | Germany | South Korea | Brazil
Free SSL providers only offer Domain Validation certificates because these are cost-free and can be issued quickly. While this can be a great fit for a small website or blog, it’s not the best option for larger websites or those collecting personal information about their users.
To be specific to your questions, I will only consider Domain Validation (DV) SSL Certificates. There is no free equivalent of Extended validity (EV) SSL Certificates, so I will keep that aspect out of my answer. There is no difference in security between free and paid DV Certificates. In fact, free Certificates are perfectly fine for non-commercial websites such as blogging websites with nothing to sell or no information to collect. Free Certificates are like DIY projects and do not come with any kind of support or warranty. If you cannot figure out how to do something from time consuming reding of their documentation or online research, then you are on your own.
A warranty is an insurance for an end user against loss of money when submitting a payment on an SSL Secured site and is an extra assurance that your site is safe to conduct business online. They may also have other shortcomings such as not allowing an unlimited wildcard entry which is a feature available in a type of paid Domain Validation Certificates are called Wildcard Certificates.
So, when it comes to e-commerce or banking websites commercial certificate is the right way to go.
Absolutely yes! You should use SSL on your website. And nowadays most of the hosting providers provide free SSL certificates.
Using Free SSL is ok but they don't reliable every time.
|
Bookmarks