We probably don’t need to point out that security is a big deal. You know that, we know that, pretty much anyone on the web knows that. It’s all well and good knowing it’s important, but how do we make sure we’re doing it right? Using an SSL certificate is a step in the right direction, but can you just use a free one or should you pay for one like DigiCert?

Do you have a new site and are debating if you should go for a paid SSL certificate? Or maybe you already have a site with a free SSL installed and are wondering if you should make the switch to paid? Either way, you want to make sure you’re using the right security to keep your visitors and potential customers safe.

SSL certificates are an essential part of web hosting and you can snap one up for free (like Let’s Encrypt). So why would you pay for one and why should you use DigiCert? We’ve got the answers to your questions – step right this way…

What is an SSL certificate?

 An SSL certificate provides a secure connection over the internet – most commonly between a user’s browser and the website they’re visiting. SSL can be installed on a VPS and other types of servers for additional security layers which is incredibly beneficial – particularly if you run a server hosting multiple websites.

Of course, there are pros and cons to both paid and free SSL certificates and if your head is already starting to spin, don’t worry, we’ll straighten things up for you later on…

HTTPS

HTTPS (Hypertext Transfer Protocol Secure) is an acronym you’ll often find in your search browser. This means the website you’re visiting is secure with an SSL certificate. It serves as a trust signal for visitors who may wish to make payments and/or browse safely on said website. Plus, Google has said HTTPS is a ranking factor – so it’s in your best interest to ensure this reads on your own web address too!

SSL vs TLS

First things first, let’s clear the air on the term SSL. While we’ll be talking about SSL certificates in this post, most providers (including us) now use TLS (Transport Layer Security), the upgraded, more secure version of SSL. It’s a protocol that works just like SSL, encrypting data that’s transferred between a web server and a user. However, even in today’s tech world, we still refer to TLS as SSL due to its familiarity. So while everything we talk about also applies to TLS, it’s still industry practice to refer to it as SSL because it’s a more commonly recognised term.

In short, both SSL and TLS help create a safe link between a website and the visitor's browser in a step known as a 'handshake.' Essentially, the browser checks the website's SSL certificate. If the certificate checks out, the browser and the website set up a private connection using encryption methods. SSL connects through a special channel called port 443 (the port used by SSL to make sure the data between your browser and the website is secure).

SSL vs SSH

You may have heard the term SSH thrown around, but how is SSL different from SSH? Secure Shell (SSH) is a networking protocol designed to remotely log into another computer and run commands. Unlike SSL, which is designed for a secure connection over the internet, SSH allows remote command execution and file transfer.

For an encrypted communication channel, SSH typically needs a username and password. In contrast to SSL which requires server-side authentication exclusively, SSH necessitates client-side authentication as well. This makes SSH incredibly secure, making it an ideal tool for accessing systems remotely and for file transfer of sensitive data.

Why you should use SSL

Now, let’s answer the most common SSL certificate question – why should you use one? There are many benefits of SSL certificates, including:

  • Protecting your data
  • Improve search engine rankings
  • Reduce the risk of phishing
  • Secure customer payments
  • Showing visitors your site is trustworthy
  • Ensuring your site is perceived as safe

The bottom line is that if you own a site, you should install an SSL certificate. Even if it’s just a portfolio consisting of one page, that doesn’t mean it won’t be invulnerable to cyber-attacks. They keep both you and your visitors safe, protect paying customers and show users you take security seriously as soon as they land on your site.

Who is DigiCert?

Now we know why you should use an SSL certificate, let’s take a close look at DigiCert.

DigiCert is one of the most trusted Certificate Authorities in the world, committed to digital security since 2003. Deciding that digital security shouldn’t be complicated, they’ve grown to become one of the leading global providers of certificates offering a wide variety of SSL certificates like Wildcard, Multi-Domains, Extended Validation and more.

When you look at W3Techs’ stats you can see DigiCert is used by nearly 17% of all websites – that’s more than double the amount that use free Let’s Encrypt (7.7%). In fact, they’re used by over 53% of sites that rank in the top 1,000 (based on sites whose SSL authority is known)!

And it’s safe to say DigiCert are popular for a reason. So, what exactly do their SSL certificates bring to the table?

Advantages of a DigiCert SSL certificate

Going for one of DigiCert’s paid-for SSL certificates opens the door to a load of benefits that you wouldn’t get with a free certificate.

Valid for longer

Unlike free certificates which could only be valid for a few months, paid SSL certificates like DigiCert’s are valid for longer, sometimes years! That means you don’t need to worry about renewing your certificate every couple of months.

Better support

When you pay for an SSL certificate, you’re not just paying for the certificate, you’re paying for the expert support that you get. DigiCert has its own support team that you can turn to when you need them. A lot of providers (like us) also have their own expert teams that can give you another level of support any time of day.

Increase in trust

Anyone with access to the internet can get a free SSL certificate and they're only available with the lowest level of validation. Being able to secure one that needs more validation if you need it helps you shout your commitment to security from the rooftops.

How much does a DigiCert certificate cost?

As with anything you buy, the cost of a DigiCert certificate depends on what tier SSL certificate you need, with each tier offering its own benefits. And of course, the type of certificate you go for will affect the price too. If you buy directly from DigiCert they start at around £220, but you might find a lower price if you get yours from a third-party vendor.

Did you know… we include a free DigiCert DV SSL certificate with our Web and WordPress Hosting packages? Plus we make it easy to buy DV SSL certificates and install them on your Fasthosts servers!

What to watch out for with free SSL certificates

Free certificates might be free to use, but they still come with their own hidden costs:

  • Short lifespan: free SSL certificates are only valid for 90 days, so will need to be renewed more regularly.
  • Less secure: less validation means that anyone can get one, making them popular for cybercriminals.
  • Less support: no dedicated support team for live help when you need it.
  • Less control: no management tools to help you stay in control of your certificates and their renewals.
  • Limited options: they typically only come in one form so you have less choice over your level of security and validation.
  • Not always enough: some industries require higher levels of validation, which you can’t get with a free certificate.
  • Warranty: should the worst happen, paid SSL certificates have warranty that may help cover financial loss, whereas free SSL certificates typically do not.

Validation levels

There are three validation levels when it comes to SSL certificates – domain validation (DV), organisation validation (OV), and extended validation (EV). But what do they mean?

If you want a quick and low-cost way to make your website secure, DV SSL Certificates are ideal. They check that you own the website but don't need extra checks on your business.

OV certificates not only protect your website but also instantly confirm your business's identity. Lastly, EV SSL Certificates – the gold standard if you will –  offer the highest level of trust and assurance, surpassing other SSL types like those that only validate the business and/or domain.

Free SSL certificates typically only offer DV, but if you require a higher level of protection and want to ensure trust signals are kept at a high level, then DigiCert is the way to go.

Why do we use Digicert?

At Fasthosts, we only offer the best products and services to our customers and security is always at the top of the priority list. It’s why we offer DigiCert certificates for free with some of our products – we want you to be able to benefit from better security without breaking the bank.

When you pit them against each other, the advantages of using a paid SSL like DigiCert’s outweigh the benefits of a free one, especially if you’re running an enterprise site, ecommerce site or any other site that handles sensitive data.

If you ever need any help with your products, including any SSL certificates that you have with us, our expert team is on hand. They’re always only ever a phone call away, day or night! Looking to read up on more security tips? Check out the security section of our blog, it’s full of security advice, industry news and more.