Compare SSL Hosting
SSL certificates are critical to many websites, such as e-commerce stores. But there are many types of SSL certificates, and not all hosting companies offer the best ones with their hosting plans.
When selecting an SSL host, it’s best to get a dedicated IP address with your plan. Otherwise, you want strong overall hosting with secure servers.
We provide details on each recommended host later in this post, but for those who want a sneak peek, here are the best five hosts for SSL hosting:
- SiteGround – Offers free Let’s Encrypt certificates as well as paid upgrades
- A2 Hosting
- InMotion Hosting
- WP Engine
How Did We Pick the Best Hosts for SSL?
We’ve reviewed over 1,500 hosting plans from over 380 hosting providers and selected the ones which offer the best SSL certificate options. We then shortlisted the hosts which offer dedicated IP addresses either with their current plans or as add-ons a la carte.
Finally, we asked real users. Using our massive database of over 1 million words of independent customer reviews, we’ve identified the top 10 hosts for SSL hosting.
The 10 Best SSL Hosting for You & Your Website
How to Get the Best SSL Hosting
If you’ve spent any time on the internet lately, you might have noticed that reassuring green padlock in your browser’s URL bar as you surf the web.
They used to show up only when you bought something on an e-commerce store, but they’ve been showing up all around the web lately. There’s a reason for this, as you’ll see.
These web pages are using HTTPS rather than plain old HTTP. Behind the scenes, SSL certificates make the widespread deployment of HTTPS possible.
But what do they do, and how can you get one for your website? And can you really get one for free?
Why SSL Is Important
So, you’ve seen those padlocks in your URL bar. They’re supposed to indicate that your connection is secure. But what does that actually mean?
With an SSL certificate, the connection between your computer and the web server is encrypted. This means that the data that goes in between your computer and the server is scrambled until the devices are unscrambled.
If some eavesdropper manages to intercept the connection, all they will see is gibberish.
Why would you want encryption? Think of all the important data you send over the network that you want to keep from prying eyes: passwords, credit card details, cat pictures. SSL certificates add peace of mind that whoever is on the other end is legit and not some hacker executing a “man-in-the-middle” attack pretending to be a real website.
There are several reasons to make sure you’re using HTTPS websites:
- Protection from fake Wi-Fi hotspots
- Protection from eavesdropping over Wi-Fi networks
- Protection of sensitive data: passwords, credit card numbers, and so on
- Protection from surveillance
- Protection from “man-in-the-middle” attacks mentioned earlier
This is important if you’re using your device over public Wi-Fi. You never know who’s getting an order of credit card numbers along with their cold brew in the local coffee shop. Some attackers will even pretend to be a real Wi-Fi network and slurp up unsuspecting users’ data.
They’re betting you won’t know the difference between a bogus network and the coffee shop’s Wi-Fi when you select the network from the drop-down menu. It pays to be a bit paranoid about free Wi-Fi.
Encrypting the connection will make any data that’s intercepted useless to an attacker.
SSL certificate vendors also give an extended level of security with organization validated (OV) and extended validation (EV) certificates. With these certificates, providers will take steps to verify that any organization attempting to acquire a certificate is who they say they are through extensive audits.
The biggest application for SSL certificates has historically been e-commerce. The SSL certificate protects a company wanting to sell goods and services online in several ways.
The encryption between a business’s web server and a customer are encrypted with SSL. This protects important information, like credit card numbers, as we’ve previously established.
It turns out that data breaches are kind of bad for business, unless you’re Experian.
If you’re not a quasi-monopoly, you’ll have to keep your site secure if you want to have any hope of keeping your customers.
The SSL certificate encrypting the connection also proves that you really are who you say you are and not some phishing site trying to run off with people’s credit card numbers yourself.
OV and EV certificates are necessary for compliance with Payment Card Industry (PCI) standards. You won’t be able to process payments without them.
SSL certificates also help your business stand out in search engine results, which brings us to search engine optimization (SEO).
If you’re serious about marketing your business on the web, you probably have at least a passing familiarity with SEO. It’s the practice of structuring content in a way that your page will land near or at the top of the search results page when people search for certain words.
The ideal is to be the first result. Failing that, content providers want to at least be on the first page. If they land on other pages, they might as well not exist.
The algorithms that Google and other search engines use is their secret sauce. They provide some guidelines, but they like to keep website owners on their toes. Search engines are constantly changing their algorithms to keep people from gaming the system with poor-quality web pages.
One thing that increases a website’s credibility is an SSL certificate. Google knows their visitors should be safe with these results, as sites that bother with a certificate have demonstrated that they are legitimate.
Google doesn’t want your customers to fork over their personal data to hackers any more than you would want them to.
For these reasons, if you get an SSL certificate for your site, there’s a good chance that search engines will give it more weight in the rankings.
SSL: What’s In A Name?
While the term SSL is widely used, the protocol has actually been overtaken by TLS. It’s kind of a complicated story.
With most security protocols, as more secure versions are developed, they just up the version number. When SSL hit version 4.0, for some reason, it was renamed TLS version 1.0.
The name seems to have stuck, probably because all those certificate authorities spread the term around so much.
So don’t get confused. When you hear people referring to TLS, just keep in mind that TLS and SSL are effectively equivalent.
How SSL Works
With all the reasons you might want an SSL certificate, let’s discuss a little bit about how SSL actually works behind the scenes, without getting too technical.
When a browser requests an HTTPS page, there’s a process between the browser and the web server known as a “handshake.”
This handshake involves sending a certificate and the browser checking its authenticity.
Here are the steps:
- The server identifies itself to the client.
- The client identifies itself to the server.
- The client authenticates the server certificate and sends a “pre-master secret” to the server.
- The server decrypts the master secret.
- The client and server establish an encrypted session.
Think of the browser as a convenience store clerk and the server as someone who’s trying to buy a case of beer. The clerk is obligated to check the ID of anyone trying to buy alcohol, so it asks the patron to provide it. The clerk then checks to make sure that the ID is authentic.
Public key encryption
Let’s See Some ID
The browser has a list of pre-approved CAs it uses to determine if a certificate is valid. After the browser accepts the certificate, a secure session is established. This process of validating a certificate is known as a “handshake.”
This is obviously a simplified example, but it should give you a basic idea about how it actually works.
It’s a little more complicated behind the scenes. A server doesn’t actually send its certificate over. SSL makes use of public-key cryptography, a major breakthrough dating back to the 1970s. The server has two copies of its certificate: a public key and a private key.
The public key is the one that gets passed around. It’s matched to the private key, which stays safe and secure on the server. Doing it this way lessens the risk of the certificate getting compromised.
To actually get a certificate, you need to install a Certificate Signing Request (CSR) on your server. This will generate the key pair.
Much as the ID is certified by a state or national government, there are various Certificate Authorities (CAs) that will “sign” a certificate, vouching for their authenticity.
The CA stores the public key, while the private key stays on your server. Some of the best known CAs are Comodo, DigiCert, GoDaddy, and GlobalSign.
It is possible to “self-sign” a certificate, but when the user visits a site with one, they’ll get an error warning that the site may be unsafe. In most cases, the browser will even block it.
With all the cyberattacks around, browser makers figure they can’t be too careful.
How To Get Certificates
Since fewer people actually manage their own web servers these days, it’s more likely your web hosting company will take care of this for you. Your hosting provider will also likely offer a certificate, perhaps even throwing one in free as a perk of service.
If you need one, there are third parties that will be happy to sell you a certificate.
We’ll look at the various options you have for certificates later on.
Types of SSL Certificates
We’ll now take a look at the types of SSL certificates that are available.
First, let’s look at the components of an SSL certificate.
While we’ve been speaking of a single SSL certificate, there are actually three certificates involved.
The first one is the root certificate. This certificate is held by the CA.
The second is the server certificate. If the name isn’t too obvious, this certificate is the one that’s installed on your web server.
To tie these two certificates together, the intermediate certificate is used. This serves as a go-between the server certificate and the root certificate.
Now we’ll look at the types of certificates that you can get.
This is less commonly used on the web, but this type of certificate is used on a proxy server. Such a server might be used in a company to filter outgoing and incoming internet traffic.
It might also be used by people who want to disguise the origin of their web traffic. They might want to do this to access resources that are blocked in their country.
A shared certificate is, as the name suggests, shared among different people.
In the context of a web hosting provider, this might be among the customers on a particular physical server or across an entire hosting provider, at least the ones that don’t have their own certificates.
They’re most common on shared hosting plans. As with shared hosting platforms, they’re best suited for people just starting out on the web or are running a website as a hobby.
If you’re content with running a smaller website and aren’t planning on actually selling anything over the web, you would probably be happy with a shared certificate.
|SSL Type||Website Size||Visitors||Website Type|
|Shared SSL||Small to mediocre sites||Low volume||Leisure or hobby|
|Free Private SSL||Small to medium sites||Moderate volume||Serious, non-e-commerce|
|Paid Private SSL||Larger or growing e-businesses||High Volume||E-commerce or affiliate|
Free SSL Certificates
Is it possible to get an SSL certificate for free? You might think this is too good to be true, but it’s more of a reality each day.
Where To Get Free SSL Certificates
There are two types of free SSL certificates: free certificates from your provider or certificates from Let’s Encrypt, mentioned later in this article.
A certificate from your provider might be a shared certificate mentioned earlier or one dedicated to your website under a dedicated hosting plan.
From Your Hosting Provider
It’s becoming more common for providers to offer free SSL certificates. A lot of providers are participating in the Let’s Encrypt project. Since it costs them next to nothing, it makes a lot of sense for providers to give them away.
A similar project is CACert. It’s a similar project with similar goals: spreading HTTPS as wide as possible through automated certificates.
The main difference from Let’s Encrypt is that CACert is a community-based project.
What About Let’s Encrypt?
Let’s Encrypt is a project to get websites to use HTTPS as much as possible. This move comes out of a concern over internet privacy in the wake of cyberattacks and revelations of internet surveillance by the US National Security Agency, including spying on key allies.
One barrier to widespread use of HTTPS has been the expense of SSL certificates. The cost in both time and money has been out of reach of smaller website operators. In the past, it was mainly used for e-commerce pages to keep credit card information.
Let’s Encrypt is supported by many major hosting providers and other internet companies.
How Let’s Encrypt Works
Let’s Encrypt simply involves installing a client program on a web server. A certificate is issued for 90 days. That might seem like a short time, given that most SSL certificates are valid for a year or more, but these certificates are automatically renewed without human intervention.
The success of the project can be measured by the number of websites using HTTPS over plain old HTTP. It seems that almost every major website uses HTTPS by default these days.
Who’s Using Let’s Encrypt?
If you check the certificates of the sites you frequently visit, you might be surprised by who’s using free SSL certificates generated by Let’s Encrypt.
Major sites like Mashable and PC Gamer magazine are using Let’s Encrypt.
Those sites have a readership of techies, but it shows the rapid acceptance of Let’s Encrypt and free SSL certificates.
With Let’s Encrypt, Why Pay For SSL Certificates?
So with free, automatically updated SSL certificates available, why would you still bother to purchase a certificate?
Since a private SSL certificate is all but mandatory for any website wanting to process credit card payments, it seems that paid private certificates won’t go away any time soon. The financial industry moves more slowly than the tech world. They probably won’t be ready to accept free SSL certificates for a while.
Businesses Still Need Their Own Certificates
Some big companies will probably prefer to buy their own certificates. The cost of a certificate is a drop in the bucket for a Fortune 500 company. IBM, Amazon, and others will likely bask in the glow of credibility that having their own certificates brings.
Landlines and mainframe computers haven’t been completely displaced in the corporate world, and it seems that they’ll be using certificates signed by the likes of DigiCert for a long time.
Private certificates and free SSL projects have different goals. The latter is meant to promote security in general. For big companies, security is meant to protect their business and their credibility.
If you’re handling user data, like logins or payment information, you’re going to want something more robust than a simple Let’s Encrypt certificate.
A lot of providers offer warranties to purchasers of certificates if their sites get hacked.
They and their shareholders expect their IT staff to go the extra mile, and that includes private SSL certificates. EV and OV certificates aren’t going away anytime soon.
Three Great Hosts for SSL
Because SSL is so important to modern websites for security and SEO, web hosting providers worth their salt will make it easy for site owners to incorporate SSL certificates into their sites.
SiteGround is an example of one such hosting provider.
They have a free tier based on Let’s Encrypt, but they also have paid options which are marketed to businesses.
These certificates come with warranties in case something bad happens to a site.
They have options that should please anyone, ranging from small sites to e-commerce.
If you haven’t noticed yet, SSL is pretty important to e-commerce.
If you’re selling stuff over the internet, you might want to consider a host that specializes in e-commerce.
Shopify is one of them. Among other features, they offer free SSL certificates across all their plans.
InMotion Hosting is another hosting provider jumping on the free SSL bandwagon.
They offer free certificates across all their web hosting plans.
The downside is that these free certificates must be pointed to InMotion’s servers or they won’t work.
If you’re handling customer data, they recommend that you go with your own certificate over a dedicated IP.
SSL certificates work behind the scenes to enable secure browsing and payment over the web. SSL certificates verify the authenticity of the holder, which is crucial for SEO and e-commerce. Let’s Encrypt is offering free SSL certificates, but many businesses will still need their own certificates.
Frequently Asked Questions
How long does an SSL certificate last?
Much like purchasing a domain name or hosting package, most SSL certificate authorities offer a variety of levels and allow you to purchase different timeframes of coverage.
What is Public Key infrastructure (PKI)?
What does my browser check for when it connects to an SSL site?
If any of these checks fail, your browser will display a warning to let you know the site is not secured by SSL.
What sort of data can be secured using SSL?
What should I do if I lost my SSL password?
Can I have more than one SSL certificate per IP address or on a single web server?
Until recently, multiple SSL certificates could not be installed on a single IP address, so if you had virtual hosts to host multiple domains from a single IP, you could only install one SSL certificate.
With SNI, you can now include the Hostname when passing information on an SSL verification check. Doing so allows a single IP address to support multiple SSL certificates.
Before going this route, make sure to check with your hosting provider to ensure SNI is supported.
Do all browsers accept SSL?
SSL is supported by the following popular browsers (among others): Chrome, Firefox, Internet Explorer v5.01 and above, Safari, Opera v7 and above, and Sony PlayStation.
The complete list is too exhaustive to include here, but unless someone is still using their Windows 3.1 machine to go online, their browser probably supports SSL.
Who developed SSL?
Can I allocate only some directories to have SSL certification, or do I have to secure my entire site?
In most cases, you can designate a subdomain to be used as your secure site and only enable SSL for that site.
For instance, you can set up a general site, www.cool-site.com, which does not have SSL security protocol in place. When you need to collect information from your visitors, you could send them to your subsite, secure.cool-site.com, where their information would be secure.
What level encryption do I receive when connecting to an SSL certified site?
First, the level of encryption required by the SSL certificate the site has obtained.
Next, the capabilities of the site’s server host.
And lastly, the browser you are using will affect the level of encryption you receive.
Even if the website and server provide strong 256-bit encryption, if you’re using an older browser that can only support 128, your information will not receive the same level of encryption as others visiting that same site.
For the strongest encryption level, stick to trusted sites and keep your browser up to date.
Compare Popular Web Hosting Plans
Need a great web host? Want to save some time? This shortlist is your best place to begin:
Popular Host Choice for 2022
BluehostStarting at $2.75/mo View Current Deal
SiteGroundStarting at $3.99/mo View Current Deal
WP EngineStarting at $20/mo View Current Deal
GreenGeeksStarting at $2.49/mo View Current Deal
HostGatorStarting at $2.64/mo View Current Deal
A2 HostingStarting at $2.99/mo View Current Deal