What’s the Difference? – Free SSL vs Paid SSL Certificate
Is a Free SSL Certificate Better Than a Paid One? Let’s Talk About it
These are all good questions. Questions to which there aren’t necessarily easy answers. Because the decision between free SSL and paid SSL comes down to several factors, the most important being the tech savviness of you or your IT staff.
An SSL certificate is an SSL certificate
So why wouldn’t I choose a free SSL certificate?
- Non-tech savvy site owners
- E-commerce websites
- Government websites
- Enterprise Companies
What do paid SSL certificates do that free ones don’t?
For starters, a free SSL certificate only authenticates the domain it’s issued for. When you see the https:// in the address bar (which is going away in Google Chrome 69), you know for sure that you are at that domain (and it’s not a Unicode domain or something phishy). But that’s it. You don’t know who is running that website, whether they are a real business—anything.
Paid SSL certificates have higher levels of validation available that can provide your users with verified details, not just about the domain they’re on but about the company or organization behind it. This is sometimes called business authentication and it is only available from commercial CAs. After all, taking the time to validate a company or organization takes time and resources the free CAs just don’t.
Speaking of resources, free CAs typically lack a support apparatus. When you pay for an SSL certificate, part of what’s baked into the price is the support that is available should you need anything. SSL/TLS has a lot of moving parts, that means there are a lot of chances for something to happen where you may be out of your depth. If anything ever breaks with free SSL you basically have to crowd source your support by sifting through old blogs or posting questions on forums. Paid SSL certificates come with 24/7 support. That’s a big factor for a lot of people.
And then there’s this, something many people don’t like to talk about: you have to put faith in your free CA that it will continue to be around. While AWS and cPanel aren’t likely to go anywhere anytime soon, Let’s Encrypt relies entirely on the generosity of others. Not a day goes by where it’s not panhandling on Twitter.
“Please, sir. The only way we can encrypt the internet for free is if you give us some of your money.”
You’d really be up a creek if that well ran dry and suddenly you had an entire portfolio of certificates that couldn’t be renewed.
Why shouldn’t enterprises use free SSL?
Externally, it’s usually better to use paid certificates on account of the business authentication they provide. Customers like the assurance of knowing who is behind the website’s they’re on and SSL is one way to provide that information.
|Main Features||Comodo Positive SSL||RapidSSL||Comodo Positive Multi Domain SSL||Sectigo Essential SSL|
|1||1||1 + 2 SAN||1|
|Personal Websites/Blogs||Personal Websites/Blogs||Personal Websites/Blogs||Personal Websites/Blogs|
|Within Minutes||Within Minutes||Within Minutes||Within Minutes|
|up to 256-bit||up to 256-bit||up to 256-bit||up to 256-bit|
|2048 bits||2048 bits||2048 bits||2048 bits|
|Domain name displayed on certificate details||Domain name displayed on certificate details||Domain name displayed on certificate details||Domain name displayed on certificate details|
|30 days||30 days||30 days||30 days|
So what is it? Free SSL or Paid SSL?
The choice is yours, we just want you to have all the facts.