

Ask HN: Best place to buy SSL from? - state

It has been a while since I have bought an SSL cert. I used to use Comodo. They&#x27;re alright, but nothing special.<p>Is there an SSL provider that people actually like?
======
nailer
Hi Galen,

If you use Stripe, Twitter, npm, or your bank, you'll see the company name in
a green bar. That's an EV certificate and is the only way for a website to
prove a company's identity.

EV certs are great, particularly if you're selling something or people are
logging into your site.

Since they involve a bunch of verification, the industry standard time get the
certificate is normally about 7-21 days.

[https://certsimple.com](https://certsimple.com), my company, live checks data
while you enter to do EV in an average of 5 hours. It takes 80 seconds to
apply, including making the CSR - no Q and A in a terminal, no installing
anything, just cut and paste.

Because of this, we're faster at EV than everyone else.

We also give 5% of our revenue to groups that make strong crypto happen - we
cut our first cheque to OpenBSD Foundation last Friday. We also publish a
bunch of interesting research around performance and security at
[http://certsimple.com](http://certsimple.com), including OSS code to recreate
our results.

Hope that helps! Email me any time at mike@certsimple.com if you have
questions.

Mike

PS. if you don't need EV, we recommend you get a free certificate from
[http://letsencrypt.org](http://letsencrypt.org) which should be launching
soon.

------
joshstrange
sslmate is the one I'd suggest. They are cheap, easy to use, developer
friendly, and no BS. [https://sslmate.com/](https://sslmate.com/)

~~~
jdoss
I highly recommend SSLMate too. Buying a SSL cert via CLI and automatic SSL
renewal and updates via cronjob make it awesome.

Not to mention it has configuration templates that make getting a best
practice config for almost everything you would use a SSL cert on.
[https://sslmate.com/blog/post/sslmate_mkconfig](https://sslmate.com/blog/post/sslmate_mkconfig)

------
staunch
Namecheap sells "Comodo PostiveSSL" certs for $9/year.

~~~
edgan
I personally use ssls.com. It is slightly cheaper than namecheap.com for
multiple year, and it is actually namecheap.com by another name.

On a side note, I would only buy one year certificates at this point, because
Lets Encrypt is about to make them free.

------
acrooks
We use [https://www.gandi.net/](https://www.gandi.net/) for all domains and
SSL certs and have no complaints.

------
kennpeterson
Comodo is cheapest CA now and provide highest web security. 256 bit
encryption, unlimited reissue, unlimited server license and best support. Try
[https://comodosslstore.com/](https://comodosslstore.com/) to find best ssl
deals.

------
sfunk1x
I use and have suggested
[https://www.startssl.com/](https://www.startssl.com/) to several folks, who
have all had good experiences. You do need to watch out for their login
process, as it's certificate-based. Lose your login cert and you're in
trouble. Tradeoff is cost.

~~~
edgan
My issue with them is their client ssl certificate is cumbersome, and at least
their free service is regularly down for "maintenance"

------
selectnull
I've used and been happy with [https://getssl.me/](https://getssl.me/)

------
tfangel
Digicert all the way. Clean, painless and their support is top notch. Compare
EV cost VS that of Comodo..

------
Aeji
Ssls.com or cheapsslsecurity.com

------
aepearson
Godaddy is easy, and cheap.

