SuttonNet requires all websites that we host to maintain a valid security (SSL or SSL/TLS) certificate. Each site's security certificate is installed and managed by us as web hosts.
A website security certificate helps protect your website, your site visitors, our web server and our other clients' sites. Sooner or later, every website on the Net will have to have an SSL/TLS certificate.
Like many around the Internet world, we chose Let's Encrypt (Domain Validation level) certificates for most of our clients' websites. There's no purchase or renewal fee for a Let's Encrypt certificate. The certificate auto renews, so maintenance is lower than for commercial certificates.
We have become uneasy about the Let's Encrypt option, not over its security but over the way certificate issuance is managed. Our concern is about protection for Internet users from phishing sites. You can read more on our main website.
New clients from 2021 will be expected to purchase a commercial certificate. Current clients may also need to buy a non LE certificate in 2021, because changes to LE will render LE-encrypted sites inaccessible on older platforms. These include Android 7.1.1 and earlier Android versions.
A security (SSL/TLS ) certificate is software that is installed on your website. It allows data on your website to be encrypted during transmission between the webserver and site users' browsers.
There are 3 levels of certificate. All encrypt webpages and other data securely.
Our supplier charges in US$ and there are many brands, product lines and prices. So we can't give an exact costing here.
Some certificates are bundled with extra features: multi-domain certificate, wildcard certificate (for multi subdomains), added security software or a 'trust seal'. Is the extra cost worth it? That depends on your line of business, your website(s), your customers and your competitors.
No. A security certificate does NOT guarantee that a website is free from any malware, viruses etc.
It protects webpages and other data from being intercepted and read or altered, between web server and user. But there are other ways hackers can get at a website.
More expensive SSL/TLS certificates often include daily malware and virus checks. That sounds good, but it can add a significant load to our server and slow websites down. There's a need to balance the risks and likely benefits against the costs of protection.
SuttonNet believes that key protections are:
SuttonNet provides the first two; (iii) is up to you. Contact us if you need advice or help.
Visit our main website to learn more about website security certificates and how they work.
Or stay on our client support site and brush up on online and general IT security for your business or NFP.
Updated 22 December 2020