SSL an' all

[YeOldeOke]

I run a website on SSL, the certificate is due to expire soon. The website doesn't take crucial info like cc numbers etc, so doesn't really need SSL, but because I'm not sure of the Google impact of reverting to http I'd prefer to keep it https. The cost of a decent SSL cert though is not really warranted, so I've been looking at free options like https://letsencrypt.org/

Thing is I'm not sure of backwards compatabilty with older versions of browsers and especially mobile browsers.

Any advice from the younger, more up-to-date guys for an old(er) oke?

 

[halfmoonforever]

They're fully compatible with all modern devices/browsers.

https://letsencrypt.org/docs/certificate-compatibility/

If anyone runs a device still in the known incompatibility list, then they're in the severe minority.

80/20 rule applies. Cater for 80% of the people rather than worry about the 1 dude with Windows XP SP1 visiting your site

 

[YeOldeOke]

They're fully compatible with all modern devices/browsers.

https://letsencrypt.org/docs/certificate-compatibility/

If anyone runs a device still in the known incompatibility list, then they're in the severe minority.

80/20 rule applies. Cater for 80% of the people rather than worry about the 1 dude with Windows XP SP1 visiting your site

At a guess, what % would still run XP. I didn't even know there was a SP3 I thought SP2 was the last. Phones I don't know, no clue. Minorities sometimes have $$ :crylaugh:

Thanks for the advice.

 

[gkm]

Also be aware if you use letsencrypt, you need to implement some automation to regularly update your cert, since if I remember correctly, they issue 90 day certs.

If you host on AWS, you can also get free certs, which is also renewed for you by AWS:
https://aws.amazon.com/certificate-manager/

 

[YeOldeOke]

Also be aware if you use letsencrypt, you need to implement some automation to regularly update your cert, since if I remember correctly, they issue 90 day certs.

If you host on AWS, you can also get free certs, which is also renewed for you by AWS:
https://aws.amazon.com/certificate-manager/

The 90 day thing may be a pain. I see I can get a Comodo cert for $9/year. Probably just go for that.

 

[biometrics]

I got a free one recently, iirc it was from here: https://www.startssl.com/Support?v=1

 

[koeksGHT]

You can also use Clourflare for free ssl

 

[chopsky]

I'd say Let's Encrypt is cool for a personal site, but for business purposes, I'd opt for a paid cert.
A 1 year PositiveSSL or RapidSSL cert will only set you back at most R249/year (+-R20/month).
You get what you pay for, and in this case, you'll be getting a reputable brand (with a site seal), and great support.

Oh, and if you sign up for a Comodo cert, you have the option of a free EV (green address bar with company name) upgrade for a year, which is dope.

 

[flippakitten]

I am well impressed with these guys elitehost.co.za for Rapid SSL at R180 last year (probably more now thanks to you know why).
Easy and they have good support, which is a must for me these days.

Nothing worse than waiting 2 days for a reply to a simple question.