- About Us
All websites that we host have a valid security (SSL or SSL/TLS) certificate. A website security certificate helps protect your website, your site visitors, our web server and our other clients' sites.
Each site's security certificate is installed and managed by us as web hosts.
A security (SSL/TLS ) certificate is software that gets installed on your website. It encrypts data on your website during transmission between the web server and site users' browsers.
There are 3 levels of certificate: Domain Validation (basic), Organisation Validation, Extended Validation (the top level). All encrypt webpages and other data securely. See Certificate Levels below.
The certificates that we sell don't cost much and the price even includes installation! Many site owners are used to Let's Encrypt which is free and is designed to auto-renew. It's big jump from $0 to annual fees.
Certificate prices can vary by 200% or more. Sometimes the price jumps are a mystery. Other times, they reflect real product variations:
Is the extra cost worth it? That depends on your line of business, your website(s), your customers and your competitors. For our pricelist, we didn't include higher end certificates that are beyond the budget of many of our clients. But if you want to pay $2000 and more, please get in touch. We won't say no.
No. A standard security certificate does NOT guarantee that a website is free from malware, viruses etc. It protects webpages and other data from being intercepted and read or altered, between web server and user. But there are other ways that hackers can get at a website.
Almost yes. Higher end certificates often add a daily malware scan and anti malware protection. It depends how good these products are.
More expensive SSL/TLS certificates include daily malware and virus checks. That sounds good; but it can add a significant load to our server and slow websites down. Talk with us if you are interested in using these scans.
We believe these protections are key:
It depends on how many websites you have, whether you use ecommerce and other factors.
We don't tell you which certificate to buy. We do help you sort through the complexities. We've put many hours into researching and clarifying information. Like with any other purchase, you need to put in effort to make your own informed decision.
Certificate brands are sold and resold by Big Tech players; names that were trusted 5 years ago are now owned by their (once) less favoured competitors. It's very hard to compare products because of this.
On top of this, there's plenty of !!!!HYPE that means little. We suspect that some overseas sellers wouldn't satisfy Australian false & misleading advertising laws.
If it's any comfort, the risk is probably bigger for SuttonNet. Installing difficult certificates or cancelling a poor performing product and re-ordering chews up our time, not yours.
Our retail pricelist covers a selection of certificates that claim very high compatibility with the many platforms people use for the Internet. None claims 100% compatibility. There'll be someone out there with a Flintstones phone that doesn't recognise any SSL/TLS certificate. We test certificates after installation to verify their quality (pity we can't do that beforehand). Most certificates that we purchase come with a 30 day any-reason refund policy.
Read the information on this webpage, on the Pricelist page, on our main website and in emails and client newsletters. Ask if you don't understand. If we don't know the answer, we can ask our supplier's support crew.
A trust seal or site seal is an image inserted in your website. It shows that your site is encrypted, its security certificate brand and (for higher level certificates only) that the website owner has been verified as a legitimate business or organisation.
For ecommerce, we recommend a trust seal aka site seal. For other sites: it depends on your website and your target market.
Site seals aren't magic bullets. They vary with brand and with product. Some seals offer a great deal of information, if site visitors know how to read them. Others are just a static image with the name of the issuing Certificate Authority. Well known brands carry more weight, of course. If you buy a very cheap certificate, don't expect its site seal to be a gamechanger for your website.
If a trust seal is important for your business: buy the best certificate you can afford, one that includes validation of your business identity.
We charge a small fee to modify your Bizazz website template & add the trust seal and code required by the issuing Certificate Authority. The seal will then display on all pages. For our ecommerce websites: there's a fee to add the seal to your payment page. For sites built by other web developers: please talk to your developer.
There are 3 levels: Domain Validation, Organisation Validation, Extended Validation.
EV & OV certificates are the top rating certificates. They validate your business as well as encrypting your website data. EV is stronger verification than OV. EV & OV certificates assure site visitors that you are not a con artist, but a genuine business in a real location. You really will send the customer a set of top quality caterpillar pj's in exchange for $200 from their credit card (and they can find you if you take $2000).
OV or EV is an extra cost but the returns may be worthwhile. EV has long been acknowledged as the best option for ecommerce.
For small businesses without online sales, the usually cheaper DV can be a realistic choice. Sometimes wholesale discounts bring OV or EV prices down dramatically, so check the whole pricelist.
Like many around the Internet world, we chose Let's Encrypt
(Domain Validation level) certificates at first for our clients'
websites. There's no purchase or renewal fee for a Let's Encrypt
certificate. Because the certificate auto renews, maintenance is much
lower than for commercial certificates. On the downside, there is no
trust seal option and only the base level (DV) certificates are issued by
Let's Encrypt. DV does not attest that the website's owner is a
We became uneasy about the Let's Encrypt option, not over its security but over the way certificate issuance is managed. You can read more on our main website.
LE-encrypted sites will be inaccessible for users on older platforms after September 2021. The affected platforms include Android 7.1.1 and earlier Android versions, unless their software has been updated.
Our response: SuttonNet is a 'high service level' web developer and hosting provider. We don't gear our services to minimal cost for minimal results. All websites (re)built by SuttonNet from 2021 use a commercial security certificate. Ecommerce sites that we (re)develop from July 2021 use an EV certificate with trust seal.
Visit our main website to learn more about website security certificates, trust seals and their importance.
Or stay on our client support site and brush up on online and general IT security for your business or NFP group.
Updated 15 September 2021