No announcement yet.

Can I pay less for SSL? How?

  • Filter
  • Time
  • Show
Clear All
new posts

  • Can I pay less for SSL? How?

    Currently, I have a web hosting account and 27 domains that cost about $358.37 per year.

    I am ready to enable SSL as the next version of Chrome will display my domains as "not secure" when a user enters in form fields. But my hosting company is forcing me to buy 27 IP addresses and 27 certificates which are out of my budget.

    Therefore, I am in search of cheaper way to enable SSL which is compatible with normal web hosting accounts (excluding VPS / dedicated servers) and which doesn't need to edit DNS records.

  • #2
    Are all your domains having content published on them or are some of them redirecting to another domain?


    • #3
      There isn't the need of an IP address for each site. There are two solutions -

      You can get one SAN (Subject Alternative Name) certificate that covers all your domains. These certificates have complete modern browser support. Also, this certificate can be hosted on a dedicated IP address with virtual hosts for all your sites. But you can go for this solution only if your hosting company uses an older Apache version without SSL virtual hosting.

      Secondly, you can get separate certificates for each domain and host them with SNI (server name indication).Basically, a virtual host configuration for SSL, SNI has 99.9% modern browser support and is widely used today. It's requirement is Apache v2.2.12 and OpenSSL v0.9.8j (or anything later) installation on your server.


      • #4
        If you are thinking about getting free certificates then using would be the solution. They issue a certificate for any site that can be proven as yours by an automated process that places a file given to you into a proper location on your web server. One disadvantage is that their certificates don't work for all cases.

        Here are some features of LetsEncrypt -
        • It offers only the most basic certificates (level 1) that check the minimum validity. Don't expect a green bar until you acquire level 4 certificate.
        • No support for wildcard subdomains.
        • Certificates expire in 3 months and you will require an automated process to renew them (cron jobs).
        • You should be able to run software on your host. There's a program called "certbot" for issuing and renewing certificates. Additionally, it can also reconfigure your web server setup and locate the well known files in your document root.
        • Works best when your hosting company supports it. Setting up is painful, so hosting companies are often doing that work for you now. It is built-in to common hosting interfaces such as cPanel.


        • #5
          You simply need to find a host that offers free Lets Encrypt SSL certificates. There are loads of them, so choose appropriately.