OK, my brain officially hurts. I'm trying to research which SSL certificate to purchase and am finding prices ranging from $30/year to $2,000/year. Can someone here explain the difference… if there IS a difference?
Any recommendations would also be most welcome!
The short answer is no, any certificate should be fine for most purposes so long as you get the common name right and it's issued by a recognized certificate authority. The more expensive certificates involve a more detailed identity verification process (and as the result can do things like turn the address bar green), where as cheaper ones use only verify that the applicant controls the domain. You can also get additional additional features such as supporting multiple sub-domains (wildcard) etc. But for starters you should be fine with something like www.alphassl.com.
Well it really depends on your site and what you are selling and to who.
A great deal of money is made on selling SSL but the raw facts are if you using a 3rd party gateway the only reason you would even install ssl is to give your customer a sense of security. I've run online shops for about 14 years and never used one because I've always used 3rd party payment gateways to pass the security on. I tell this to my customers.
Now let the bleeding begin…but bear in mind any coments by people selling SSL might be slight bias. Also bear in mind as your only securing the account form those very people who use it proberbly fill in the same details on forums unsecured and let anyone see their details of social network sites.
If you intend storing card details ignore the above and here's a 20% discount for SSL from http://www.vidahost.com - use the coupon “ssldeals”
Surprise… In the Year 2013 rest assured that many of us consider far more than just our credit card details as confidential information! 
If you value your customers and run a legitimate business, then IMHO it is your obligation to protect their confidential information rather than just hoping they aren’t knowledgeable enough to notice that they are entering their details into an unsecured web page form. Besides, if a business can’t justify spending $30.00 a year on an SSL cert, then it shouldn’t be considered a business.
[quote][color=#282828][font=arial, verdana, tahoma, sans-serif]Can someone here explain the difference… if there IS a difference?[/font][/color][/quote]
Differences between them is 99% marketing fluff, aka: Confusion tactics
Just go for a cheap ($10 - $20) ssl if you don't need this green thing in the url bar with your business name on it.
I usually buy alpha ssl's here: [url=“SSL Certificates - Secure & Encrypt Your Website | Dynadot”]http://www.dynadot.com/ssl/about.html[/url] - they don't try to sell you BS and I never had a problem.
[quote name='Flow' timestamp='1364718025' post='159028']
Just go for a cheap ($10 - $20) ssl if you don't need this green thing in the url bar with your business name on it.
I usually buy alpha ssl's here: [url=“SSL Certificates - Secure & Encrypt Your Website | Dynadot”]http://www.dynadot.com/ssl/about.html[/url] - they don't try to sell you BS and I never had a problem.
[/quote]
If you are looking for variety; https://www.thesslstore.com/
We originally had an EV SSL and increase of business was approximately 5% - justified in the purchase price of $600 at the time.
Granted, I'd personally purchase another EV SSL in future however for the time (and cashflow) pending I have a rapidSSL certificate for customer protection.
Quote from ab fab (UK people will know what I mean)
I DON’T WANT MORE CHOICE, I JUST WANT NICER THINGS 
Sorry for the caps!
[quote name=‘Struck’ timestamp=‘1364685593’ post=‘159021’]
Surprise… In the Year 2013 rest assured that many of us consider far more than just our credit card details as confidential information!
If you value your customers and run a legitimate business, then IMHO it is your obligation to protect their confidential information rather than just hoping they aren’t knowledgeable enough to notice that they are entering their details into an unsecured web page form. Besides, if a business can’t justify spending $30.00 a year on an SSL cert, then it shouldn’t be considered a business.
Differences between them is 99% marketing fluff, aka: Confusion tactics
[/quote]
Well it’s not the money but a good businessman man trims where he can, I can install one free on my server if I want, I don’t because I like to keep things simple so the is less to go wrong.
What other info are you protecting with a SSL ? give one that is not freely available on the internet, in phone books, your mates address book or a bit of paper scribbled in a hurry sometime. Don’t forget this is a transport security only. If you use 3rd party gateways all you are protecting is about 250 bits of data. Even if anyone was bizzar to be sniffing the route the odds they would pickup that 250 bits of of the rest is like you being hit but the golf ball shot from the moon 50+ years ago.
I prefer to put my money into server security which is far more a risk to your business. Decent hosting costs money.
[quote][color=#282828][font=arial, verdana, tahoma, sans-serif]Well it’s not the money but a good businessman man trims where he can, I can install one free on my server if I want, I don’t because I like to keep things simple so the is less to go wrong.[/font][/color][/quote]
Hint: It is actually costing you more in lost sales per year than the miniscule $30.00 annual cost for an SSL Cert, this is sound advice offered from a very talented businessman, blessed with common sense business logic! 
[quote][color=#282828][font=arial, verdana, tahoma, sans-serif]I have a rapidSSL certificate for customer protection.[/font][/color][/quote]
Jesse,
We also chose the Rapidssl cert & have been using for the last couple years or so, provides this nifty little padlock icon in the browser window whenever it is called upon, it is a lovely thing and to me is “priceless”! 
[quote name=‘Struck’ timestamp=‘1364746146’ post=‘159050’]
Hint: It is actually costing you more in lost sales per year than the miniscule $30.00 annual cost for an SSL Cert, this is sound advice offered from a very talented businessman, blessed with common sense business logic!
[/quote]
Yep known a lot of them, Don’t get me wrong, I understand your point about business logic and everyone should do what they feel comfortable about but paying one penny more then you need is a penny wasted with SSL if you use 3rd party gateways. Having a comfort blanket for customers makes sense to some people but my customer repeat orders rate is over 75% and the site have been profitable for over 10 years.
This is sound advice from someone who has installed more firewalls then he can remember and managed sites over over £250k in value for a multi national utility company. It’s not a logicial argument to say you use it because it’s cheap or because some customers might be trained to look for it. It’s not needed so I don’t use it, the browser market is so full of crap now that I actully think it’s a benifit not to have one.
I thought that an SSL is required by PayPal/PayPal express (third party) and we are expected to have SSL if accepting credit cards. Also, just wondering if it makes user accounts/account information more secure? I thought it does, but not sure. This is one reason why I have one. I also use third party only for payment processing. People do expect and look to see the “lock”.
Bob
I don't think having a customer entering his password for your shops account into a protected page is a waste of money, but well worth it. I never like entering a password on a non-protected page, and I know there are people out there who will simply not do this at all. So for me, $15 and 10 minutes work is well worth it and I think every shop should have an ssl.
[quote name=‘Flow’ timestamp=‘1364752746’ post=‘159056’]
I don’t think having a customer entering his password for your shops account into a protected page is a waste of money, but well worth it. I never like entering a password on a non-protected page, and I know there are people out there who will simply not do this at all. So for me, $15 and 10 minutes work is well worth it and I think every shop should have an ssl.
[/quote]
Thank goodness there are still at least a few people out there with good common sense business logic!
Flow, you will be quite successful some day, perhaps as soon as tomorrow, I can’t guarantee exactly when, although it is a given! 
[quote name=‘Struck’ timestamp=‘1364755517’ post=‘159058’]
Thank goodness there are still at least a few people out there with good common sense business logic!
Flow, you will be quite successful some day, perhaps as soon as tomorrow, I can’t guarantee exactly when, although it is a given!
[/quote]
Hey Struck, thanks for that. But maybe I already am very successful? At least I know I can afford 15 dollar for an SSL
[quote name='pbannette' timestamp='1364752514' post='159055']
I thought that an SSL is required by PayPal/PayPal express (third party) and we are expected to have SSL if accepting credit cards. Also, just wondering if it makes user accounts/account information more secure? I thought it does, but not sure. This is one reason why I have one. I also use third party only for payment processing. People do expect and look to see the “lock”.
Bob
[/quote]
If you are using a 3rd party payment page that page will be covered by SSL. Google first stated they want a site to have SSL but they changed their policy soon after as I understand.
SSL - encrypt communications between the user and the web server. It helps to prevent hacker attacks that are based on eavesdropping. It does NOT protect any data you store on your site, in your database.
I'm not telling people not to use SSL, I just feel people are being conned into buying these things and have been for a long time now, when they don't need them. The odds of anyone getting personal details is very very remote, the odds of them then using those details is even remoter and the odds of that use doing any harm are Nill.
[quote name='MFD' timestamp='1364656970' post='158998']
OK, my brain officially hurts. I'm trying to research which SSL certificate to purchase and am finding prices ranging from $30/year to $2,000/year. Can someone here explain the difference… if there IS a difference?
Any recommendations would also be most welcome!
[/quote]
If you look at some SSL, you see that 'Domain Control Validated, Organization not validated'.
For Geotrust, Verisign and Thawte, you will have to submit all the legal documentations before they issue your SSL. This is to establish an additional level of trust to determine that the company you are dealing with is genuine and actually exist. They probably would do other credit checks and so on to establish credibility.
Because of this higher level of trust, companies such as Verisign and Thawte can attached an insurance policy to the SSL to limit their liability and to be able to stand by their verification techniques.
On the other hand, that is not the point of SSL, to filter out malicious businesses. SSL's job is simply to transmit the information from their browser to the receiving party securely.
Here you can order a “QuickSSL Premium” free 30 day trial https://www.martfox…hp?a=add&pid=24 and save $97.