Should you go for a free Let’s Encrypt certificate or a premium SSL certificate?
An encrypted connection has become indispensable for those who want to send data over the Internet. Not only is this solution more secure, but it will also help you achieve a better SEO ranking. However, for this, you will need an SSL certificate. Combell has recently started offering free Let’s Encrypt certificates. But what is the difference with premium SSL certificates?
An SSL certificate guarantees security and improves SEO
It is becoming clearer by the day that, for your website, you should use a secure connection between your server and the browser on your visitor’s computer. This does not only apply to web stores, but also to informative websites. But there is more: Google has announced that the newest version of the Chrome browser (version 56) will feature a red warning icon on non-secure websites, in order to inform users that these sites are not secure. And we are pretty sure you want to avoid this sort of embarrassment for your website, right?
For a secure connection, you need an SSL certificate, which confirms the authenticity of your website and provides information about the certificate owner. Feel free to read our articles “SSL: what is it and how does it work?”and “The SSL certificate: what should you do?” for further information on the subject.
The SSL certificate: paying or free
An SSL certificate from a commercial Certificate Authority such as Comodo is quite expensive, but it is definitely worth the extra money. However, organisations often do not have sufficient financial resources to afford a premium SSL certificate. The “Let’s Encrypt” project was started as an initiative aimed at encouraging these organisations to switch to the secure HTTPS protocol, with the support of Mozilla, Akamai, Google Chrome, Cisco, Facebook, Automattic and many others.
This open Certificate Authority offers free SSL certificates, which provide basic security features.
Obviously, the great advantage of such a solution is that it makes secure connections more affordable. It makes it easier for companies and organisations to encrypt traffic (including internal traffic).
Starting this month, all Combell customers can get a Let’s Encrypt SSL certificate for their Linux hosting package. If you want to find out how this works, please click here.
Let’s Encrypt or an established Certificate Authority?
Now that you can have such a free SSL certificate, does it still make sense to go for a premium certificate from a commercial CA? The answer to that question depends on the purpose of your website and the guarantees you want to offer to your users/visitors.
If you only have a modest website, and all you want is make sure more visitors will trust your site thanks to an https:// connection (and avoid having a nasty warning in Chrome browsers!), a Let’s Encrypt certificate will probably do the trick.
Users will know that
- nobody messed with the content of your website
- that it was not intercepted during transmission
- and that no one can display ads on your website, for example when you use public Wi-Fi hotspots.
Nevertheless, if your website contains confidential information, we strongly recommend you to use a premium SSL certificate from a commercial CA. After all, you are responsible for maintaining the confidentiality of the information provided by your users, and for keeping their data secure.
Such websites include websites
- where users have to log in using a user name and a password
- or where they need to complete forms
- e-commerce sites where credit card information must be submitted
- government sites where users are required to authenticate
- websites of healthcare partners where users share confidential information with their doctor
Commercial Certificate Authorities provide different types of premium SSL certificates:
- Domain validation: only the domain name is validated, so that users can be sure that data are sent securely and that they are authentic. The identity of the website owner is less important and is not mentioned on the certificate.
- Organisation validation: the company details are explicitly mentioned on the certificate and are verified via in-depth verification via the Chamber of Commerce, the Yellow Pages, phone number verification, etc. Not only are users guaranteed that you are the actual owner of the domain name associated with your website, but they can also trust your company.
- Extended Validation (EV): here, in addition to having your business verified, the CA also offers financial compensation in case of abuse. This way, users get the best guarantees, which increases their trust in your business even more. If your website uses this certificate, your users will have a green address bar in their browser, which clearly means they can fully trust your website.
Of course, such a rigorous verification requires a lot of time and work. It is e.g. necessary to submit a comprehensive application. Not a fan of paperwork? Give us a sign and Combell will handle the application process for you from start to finish. Since an extensive verification is required, the certificate is not renewed automatically either. But once again, you can count on Combell.
The established reputation of commercial CAs is yet another guarantee, which justifies the higher price. And it has significant benefits, such as stronger guarantees for your visitors and better protection against phishing, which helps build more trust among users, have more satisfied customers and generate more sales. So, it is definitely a win-win situation!
Tip: You can cut the costs by using multi-domain or wildcard SSL certificates. And our special offers can give your web store a little boost!
Combell expert Simon Van der Heyden summarized the differences between Let’s Encrypt certificates and certificates issued by other CAs:
|Let's Encrypt||Premium SSL certificate
|What is verified?||Only the domain name||3 options: domain name, organisation, Extended Validation|
|Who uses it?||Websites that do not process confidential information||Large websites, e-commerce, banking, healthcare|
|How many domains?||Standard (1 domain) or Multi (maximum 3 domains and/or hostnames)||Standard, Multi and wildcard (domain and all subdomains you create)|
|What is secured?||Focus on HTTP traffic||Web traffic, e-mail, file transfer (FTP)|
|Guarantees in case of abuse||No guarantees||Significant guarantees|
|What duration?||Renewal every 3 months (Combell provides assistance with automatic renewal)||You can choose the duration yourself (up to 60 months); Combell provides assistance with both application and renewal|
|Additional trust seal?||No||Yes|
|How reliable is the certificate||The CA is still developing||The CAs are a safe bet|
|Benefit||Encryption is affordable.||Strong, reliable prestige image|
|Drawback||Limited guarantees||Price (Combell runs special offers!)|
Please check our range of premium SSL certificates for further information. If you run a web store, feel free to avail yourself of our unique guarantee we provide with extended validation certificates: if your turnover does not increase by 15% within 6 months, you will get a full refund for your EV SSL certificate!