Secure Socket Layer (or SSL) protection has become a mandatory component of owning a website today. This is because Google only shows websites that have an SSL certificate. This leaves you with two choices, use a free cert or a paid one.
While this may seem like a simple choice, it is a lot more complex than it is on the surface. Free and paid SSL certificates have their advantages and disadvantages that site owners should be aware of.
Today, we are going to look at how free and paid SSL certificates stack up against one another and see which one is the better choice.
What Is an SSL Certificate?
An SSL certificate is a digital certificate that encrypts the information sent between the website and the user and helps authenticate who owns the website. You can easily tell if a website has an SSL certificate by checking the site’s URL.
If a website has an SSL certificate, it will begin with “https://” whereas if it does not, it will start with “http://“.
Both search engines and web browsers expect websites to have an SSL certificate today. If they do not, these platforms send several warnings that will scare away the majority of users from the site. In the case of search engines, many these sites simply fail to appear in search results.
It’s also worth pointing out that a lesser-known feature of SSL certificates is that they can essentially act as insurance for fraudulent activity. SSL certificates mean the website is legitimate, thus if they are issued incorrectly, money is paid out to users who were wronged financially.
The value is different for every certificate. You will need to find the right one for your needs. As such, every successful site today has an SSL certificate.
What Do Free SSL Certificates Include?
Let’s start with the obvious – a free SSL certificate does not require any payment method. This means any website can have an SSL certificate without having to pay a penny for it. Generally speaking, these certificates work great in nearly any situation.
However, like most things, there are a variety of options you can choose from, even when it comes to the free option. Let’s take a look at some of the major factors you’ll need to consider when picking a free SSL certificate.
Authority
The first major factor of an SSL is where its authority is issued from. Let’s be honest, no one will believe an SSL certificate that was made by your uncle. No, instead, you need an actual organization that has a track record to ensure authenticity.
Simply put, when another business scans your SSL certificate, they are trusting the issuer, not you.
While there are several options to choose from, the most widely accessible and used option is Let’s Encrypt, which is owned by the Internet Security Research Group (ISRG). As a GreenGeeks customer, you get access to an automatic installation from Let’s Encrypt.
Again, there are other options, but when it comes to free SSL certificates, Let’s Encrypt is the most widely used.
Validation Type
In total, there are three types of SSL certificates that are differentiated by their validation level. When it comes to free SSL certificates, you can only get the first level of validation, which is Domain Validation.
Essentially, this form of validation confirms that you do own the domain and nothing more. It only takes a few minutes to obtain this validation, which is why it is the most common form of SSL certificate seen on the internet.
The other two levels, Organization Validation SSL and Extended Validation SSL are not available for free as they have greater verification requirements. Usually, you will need to pay an active subscription to maintain these levels.
Site/Trust Seal
You may have scrolled down to the bottom of a site before and seen a list of badges and seals that tell you about what powers the site, what it is protected by, and so on. One of those seals may have been a site or trust seal that comes from an SSL certificate.
Realistically, these seals do not have any actual importance in protecting your site. They are simply a visual representation of the SSL.
When it comes to free certificates like Let’s Encrypt, they do not have one for you to display. They believe having the “https://” in the URL is enough, thus you won’t have anything you can place on your site to prove you have one besides the URL itself.
Warranty
A warranty can help protect you from any fraudulent activity performed on or against your site like data theft or other security breaches. In the event these occur, the warranty will provide the site with a small sum to help pay for the damages incurred.
As you might expect, free SSL certificates do not offer a warranty.
Support
This is a bit of a tricky one because technically speaking, Let’s Encrypt (or many other free options) does not include any level of technical support you can access. Instead, they provide all of the information you need and leave the rest to you.
However, that isn’t really the case. In truth, most web hosting companies offer customers free installations of their SSL certificates. Thus, you essentially get free support alongside your free SSL certificate if you pick a good web host like GreenGeeks.
Just to be clear, not every web host does this.
What Do Paid SSL Certificates Include?
There are multiple premium options for SSL certificates. SSL certificates are not a one-time purchase but usually work as a subscription. How often you pay generally depends on the plan you select, with the most common kinds being annual.
The cost is also dependent on the plan you choose. Naturally, an SSL certificate with a warranty of $10,000 will cost less than one for $1,000,000, and there are many other variables to consider. Let’s take a deeper look into paid SSL certificates.
Authority
In the case of a paid SSL certificate, it is nearly identical to how a free one works. A Certificate Authority (CA) will issue you a certificate after receiving your payment. The main difference here is that generally speaking, these CAs who issue paid SSL are very trustworthy.
While there are many to choose from, the most popular is Sectigo. It is trusted by major brands and handles all types of validation levels for sites of any size. Choosing the most trusted name in the industry makes the most sense for anyone looking to buy an SSL.
Validation
Unlike free options that only offer domain validation, paid SSL issuers can offer all three types. We’ve already discussed domain validation, so let’s explore the other two options, Organization Validation and Extended Validation.
Organization validation is the next level of SSL that not only confirms ownership of the domain but also confirms that it is a legitimate business. This usually only requires simple information like verifying the business name, confirming the address, phone, and so on.
Unlike domain validation, because this process is more extensive, it typically takes around three days to receive your SSL.
Extended validation is the most comprehensive form of SSL. This is because, unlike organization validation, this one requires a human specialist. They manually review all of the information, which makes it less likely that it is a fake business or proxy.
Naturally, this also takes more time due to the manual review of the information, and can take around 5 days at most to receive an SSL.
Site/Trust Seal
Paid SSL options almost always offer a site seal or trust seal that you can display on your site. For example, Sectigio includes a seal that you can download and add to your site at any time. These seal images are typically placed in the footer area of pages.
That said, they are not limited to the footer. You’ll also see them placed in forms, checkout areas, and so forth.
The point is to let users know your information is secure and safe from prying eyes. This can create confidence from shoppers that the site is legitimate and they won’t face any problems in the future.
Warranty
Unlike free SSL certificates, most premium options come with some form of warranty, although some do not. Generally speaking, this is where plans come into play when choosing a premium SSL (alongside validation level).
Warranties can cover as little as $10,000 or cover as high as $2,000,000. That said, there are probably even higher warranties available on enterprise-level sites, but that information is not available.
So how does this work? Well, the money does not go to the site owner, it goes to the visitors who lost money by making a transaction on a site that was given an SSL certificate by mistake.
This helps make CAs more accountable and raises standards to ensure only legitimate businesses receive an SSL.
Support
This is another big advantage of paid SSL certificates. Since you are paying for a service, it is only natural to receive support to help you make the most of it. In many cases, these services will help you set up the SSL certificate in a wide range of environments.
They can also help you access resources when needed related to your SSL. One thing that isn’t often mentioned is that an SSL can cause serious errors on your site. As such, the support team can help you identify the problem and provide solutions.
The kind of support depends on the business, but you can expect all of the normal support channels, such as email, live chat, and phone support. Simply refer to your CA for information on what support options are available.
Which Is the Best SSL Certificate?
Well, simply put, you get a lot more from a paid SSL in comparison to a free one. If we were looking at them objectively, yes, the paid option is simply the better option for sites, especially those that deal with financial transactions (eCommerce).
With that said, that’s not the whole story. Truthfully, most sites will do fine with a free SSL license from Let’s Encrypt.
Again, the main advantages are really for eCommerce sites that sell products, collect user data, and so on. The SSL is meant to add security for the visitor, which it does even at a free level.
When just starting out as an eCommerce site, having a visible trust seal from a respected company like Sectigo is a great way to show you are a legitimate business. Let’s face it, customers are less likely to purchase from a site they’ve never heard of.
Now, in the case of a blog, it is not necessary to go beyond a free SSL certificate. Most users will create an account to leave comments or sign up for a newsletter, with the only piece of information given out is an email address.
Thus, I would say the best SSL certificate for blogs is free, while eCommerce is paid.
Free Vs. Paid SSL FAQ
Free SSL certificates from Let’s Encrypt last 30-90 days. When the time passes, they will need to be renewed, which is of course, still free to do. Just be mindful not to let it expire, as it can tank your SEO.
Paid SSL certificates last for approximately one year. This has become the industry standard which is why most payments happen annually. You should be contacted before it expires to avoid any lapses.
Generally speaking, not really, but it is worth mentioning that paid options typically include HTTP/2 support or advanced caching options, which can improve performance. It is entirely dependent on the CA.
While it is possible, no they are not. Most web hosts have working relationships with specific CAs and will install their SSL licenses as part of a plan. Here at GreenGeeks, we have automatic Let’s Encrypt support.
Probably not, but they do notice when there is not one present. This is because web browsers will make it difficult to access the site, and the warning messages will scare the majority of users away.
Absolutely! An SSL is just the first line of defense, and since every site has one, it has a big target on its back. Having additional security plugins to cover it and the rest of your site is essential.
Yes. At any time, you can go from a free to a paid SSL certificate. You can also go to higher validation levels at any time.
Get An SSL Certificate on Day One
An SSL certificate is not optional. Search engines and web browsers have made them mandatory to protect users against scams and other nefarious things you can find on the internet.
Not having one will ensure you do not appear in search results, and users who do manage to find your site will be met with warning messages instructing them that the site is unsafe. Naturally, this is a death sentence for any site.
Thus, when you launch your website, make sure you have an SSL certificate. Your website cannot succeed without one.
Which SSL certificate do you use on your site? What was the biggest factor when deciding between a free and paid SSL certificate?
