I thought I'd jump in since no one else has. It's an opinion question, so here's mine. I did a lot of reading in the forum and asked a lot of questions when I was making my decision. It seems the most important thing is to have your own certificate as opposed to being on a shared SSL. Many members have had problems with shared SSL setups.

In the States we have to use a payment service provider to process credit cards. To have a secure site is not really necessary unless the user is entering data they might desire to be secure in transit, e.g. a bidding situation where the bids are private. If it's charge card purchase, it's the payment service provider's responsibility.

I only bought a certificate to make my customers feel warm and fuzzy about entering their login info and their name, address, email, etc. It's totally unnecessary. If I understand things correctly, in the U.K. you can either have a PSP or process charge cards yourselves, in which case you would definitely have to have a certificate.

So it boils down to two things: Do you need one or just want one and to what degree do you want the customer to feel warm and fuzzy. Well, three things if budget is a factor.

C

Very few people actually take the time to dig into an ssl certificate with regards to who provided it, was it from an SSL provider that does validation or things like that, with many end site visitors just wanting to see the good old golden padlock in the browser status bar, so if your need is to have an SSL certificate for you site, then so long as it is at the very least an externally validated one (like the GeoTrust ones and not one validated with its own CA on the server) then that would suffice I would say.

We use VeriSign and have our own certificate, and yes it is a bit more costly. Their logo is well known, even with those who are new to the online world. I feel it is a worth while investement to ensure the customers feel safe and secure using our sites. Since moving to this setup several years ago I have noticed a great increase in the transaction numbers.

But you also need to balance your costs with sales. We are not a profit making organisation, we just need to get new members and sell our merchandise.

Bob

Thanks for all your help guys.

I have decided to go with one from COMODO (they rank second behind verisign for number of certificates out there).

The one I have chosen has a clever little logo which sits in the corner of the screen to show it is secure. I will only have it in the https pages with a static image on my main site. example is here: http://www.comodogroup.com/products/...ces/index.html

Thanks,
Paul.