SuttonNet requires all websites that we host to maintain a valid security (SSL or SSL/TLS) certificate. Each site's security certificate is installed and managed by us as web hosts.
A website security certificate helps protect your website, your site visitors, our web server and our other clients' sites.
Like many around the Internet world, we chose Let's Encrypt (Domain Validation level) certificates at first for our clients' websites. There's no purchase or renewal fee for a Let's Encrypt certificate. Because the certificate auto renews, maintenance is much lower than for commercial certificates.
We have become uneasy about the Let's Encrypt option, not over its security but over the way certificate issuance is managed. Our concern is about protection for Internet users from phishing sites. You can read more on our main website.
New webhosting clients from 2021 will need to purchase a commercial certificate.
Current clients may need to buy a non LE certificate in 2021. Changes to LE threaten to render LE-encrypted sites inaccessible for users on older platforms after September 2021. The affected platforms include Android 7.1.1 and earlier Android versions.
A security (SSL/TLS ) certificate is software that gets installed on your website. It allows data on your website to be encrypted during transmission between the web server and site users' browsers.
There are 3 levels of certificate: Domain Validation (basic), Organisation Validation, Extended Validation (the top level). All encrypt webpages and other data securely. See Certificate Levels below.
The certificates that we sell don't cost much, but you are used to paying $0 for Let's Encrypt.
SuttonNet receives major wholesale discounts which we can pass on. Free certificate installation is included for any website hosted on our server.
Certificate choice is not easy. The jargon is obscure. Some product descriptions online are so general, they could apply to any certificate at all. That doesn't help distinguish why prices can vary by 200% or more!
Sometimes the price jumps are a mystery. Other times, they reflect real product variations:
Some certificates come bundled with extra features at higher cost: added security software or a dynamic 'trust seal'. Is the extra cost worth it? That depends on your line of business, your website(s), your customers and your competitors.
For our pricelist, we avoided the lowest priced TLS/SSL certificates. They tend to perform less well on mobile phones and to rely on a longer chain of 'intermediate' certificates - more to go wrong, visitors take a little longer to access your website.
We also didn't include higher end certificates that are beyond the budget of many of our clients. But if you want to pay $2000 and more for the best, please get in touch. We won't say no!
No. A security certificate does NOT guarantee that a website is free from malware, viruses etc.
It protects webpages and other data from being intercepted and read or altered, between web server and user. But there are other ways that hackers can get at a website.
More expensive SSL/TLS certificates include daily malware and virus checks. That sounds good; but it can add a significant load to our server and slow websites down. Talk with us if you are interested in using these scans.
We believe these protections are key:
SuttonNet provides the first two; (iii) is up to you. Read our security page. Contact us if you need advice or help.
It depends on how many websites you have, whether you use ecommerce and other factors.
We don't tell you which certificate to buy. We do help you sort through the complexities. We've put many hours into researching and clarifying information. Like with any other purchase, you need to put in some effort to make your own, informed decision.
SSL/TLS certificates are a bit of a lottery; there's plenty of !!!! HYPE out there. Certificate brands are sold and resold by Big Tech players; names that were trusted 5 years ago are now owned by their (once) less favoured competitors. If we discover that some products within our clients' price range are better than others, we will tell you.
If it's any comfort, the risk is bigger for SuttonNet. Some certificates may be harder to manage and that chews up our time, not yours.
Our retail pricelist covers a selection of midrange certificates that claim very high compatibility with the many platforms people use for the Internet. None claims 100% compatibility, say with older platforms. (There'll be someone out there with a Flintstones phone that doesn't recognise any certificate.)
Read the information on this webpage, on the Pricelist page, on our main website and in emails and client newsletters. Ask if you don't understand.
There are 3 levels: Domain Validation, Organisation Validation, Extended Validation.
EV & OV certificates are the top rating certificates. They validate your business as well as encrypting your website data. EV is stronger verification than OV.
EV & OV certificates assure site visitors that you are not a con artist, but a genuine business. You really will send top quality caterpillar pj's in exchange for $200 from your customer's credit card.
OV or EV is an extra cost but the returns may be worthwhile. EV has long been acknowledged as the best option for ecommerce. For small businesses without online sales, the usually cheaper DV can be a realistic choice. Sometimes wholesale discounts bring OV or EV prices down dramatically though.
SuttonNet maintains an EV certificate on this website. (We've been slack about adding the trust seal; too busy working on your websites.)
Visit our main website to learn more about website security certificates, trust seals and their importance.
Or stay on our client support site and brush up on online and general IT security for your business or NFP group.
Updated 20 January 2021