Whether you migrate to HTTPS for SEO or security, it’s now evident that using HTTPS is quickly becoming a necessity for most websites.
With SEO in mind, I’ll share with you my take on the different SSL Certificate options.
One important thing to know is that there is no known SEO benefits for having a more secure SSL Certificate. It is however possible that a more secure certificate sends Google a more authoritive signal.
I recommend Let’s Encrypt for most websites. It's free, easy to install, and has the option to renew automatically. It’s also well adopted by hosting providers. If you’re on WPEngine for example, you can get the SSL installed in minutes through their admin panel.
For other hosts you might have to ask support. And for dedicated hosting you can install LetsEncrypt with a few command lines through SSH.
This is the one I use on this site:
This is what I used before Let’s Encrypt appeared. Usually between $10-$80, this is the entry-level paid SSL. The only reason I’d recommend one over Let’s Encrypt is if you’re interested in a user money warranty, or a security seal that you can use on your site.
Slightly more expensive, this one gets your organization verified in addition to the domain ownership. Again I would only recommend if you’re interested in the warranty or seal. One exception here is if you need a wildcard SSL (for multiple subdomains) or one for multiple domains.
A downside with the OC (as well as EV) is there will be a delay and paperwork for the organization validation.
Often called Greenbar SSL for the (not so green anymore) sign in the address bar:
The main motivation to get the EV is for that bar showing visitors your company name in a more authoritative secure sign. They usually cost between $100-200. Prices depend on where you buy and the duration (I recommend 2 years or more).
This is a good option for ecommerce, large organizations, and sites that collect sensitive information.
To keep things simple you can buy from your domain name registrar. But you should compare prices with certificate authorities (e.g. Comodo or digicert) since you don't need to get it from your registrar.
Whichever certificate you choose, make sure it’s 2048 bit SSL and 256 bit encryption.
Related article: HTTP to HTTPS Migration Guide for Wordpress on WPEnginecomments powered by Disqus