These days every website really needs an SSL certificate. Google penalises those that don’t, and Internet users have got used to seeing that little padlock icon.
You may be wondering what the point of paying for one is when places like LetsEncrypt offer them for free.
The truth is that whilst there is no difference in security between a paid SSL and a free one, there are still some “under the bonnet” differences that you could find useful.
Most free SSL certificates are only valid for three months, so managing renewals can be a bit of a hassle. A paid certificate will be valid for either one or two years, which makes the admin side of things much easier.
Paid SSL certificates are available with either Organisation Validation (OV) or Extended Validation (EV). This means that more rigorous checks are carried out by the Certificate Authority. For example, these could include verifying that your business is properly registered, that your accounts are up to date, and what the status of your key personnel is.
If you ever have to deal with a large technically-savvy client, there’s a good chance they’ll know how to check which type of certificate your website is using. If so, they’ll be able to see for themselves that you’ve been properly vetted and legitimised by a trusted third party. You won’t get this level of assurance with a free SSL.
The amount of assistance offered with a paid SSL will probably be much greater than that provided with a free one. If you depend on your website for your income, wouldn’t you want reassurance that someone will be there for you if there are any problems?
It’s not often it happens, but if anyone ever suffers financially due to an incorrectly issued SSL certificate, the amount they can claim back is much higher with a paid one. This extra safeguard is an additional layer of assurance that only a paid certificate can offer.
If you’re currently using a free SSL (or you haven’t got one at all!) there’s no better time to benefit from the extra comfort offered by a paid one.