about ssl certificates

hi,
what is the main diff b/w shared ssl ,private ssl in web hosting

 

To me, I think the biggest difference is that anyone using Windows XP will get an error when accessing a site using shared SSL ..

 

Shared certificate is free, but it has a number of disadvantages compared to private SSL cert. The main one is that this cert is not recognisable by browsers, and when you'd like to browse your site via https://domain.com. you will get a warning, that certificate is not trusted. So if it's ok for you, you can choose free shared cert, otherwise I would recommend you to buy private SSL.

 

thanku nice reply .

 

Sharif put it well, I don't recommend shared SSL, a private SSL is cheap and you can get it for around $11, less or more.

 

I'm not sure the answers you've received are correct. If you're talking about a host offering a shared SSL certificate that you can use, then that SSL certificate will be every bit as valid and recognized as any other SSL certificate. The difference is that the SSL will "belong" to a different domain name than your own site, but by some manipulation within the web server (usually managed by the Control Panel so you don't need to know HOW it works) you are able to use that SSL to secure information. This shared SSL could be safely used by lots of other users on the server at the same time.

A "private" SSL on the other hand is effectively useless to you in the public arena - but that depends upon what you mean by "private". In the strictest sense, a "private" SSL certificate is a self-signed cetificate, one that has NOT been provided by a regognized SSL provider/authority, or one that has been provided for by an SSL authority for internal use only. For instance, you can install some software on your server that will generate it's own SSL certificate. You can use that certificate to secure communications - it will work like all other SSL certifcates - but since it hasn't been supplied by a recognized SSL authority browsers will not "recognize" the certificate and will generate a security warning. If you know the SSL is safe you can choose to ignore the warning and your communication will be secured, but other users are unlikely to want to trust an unknown or unrecognized certificate.

A "private" SSL could also be an SSL you have purchased from an SSL authority for exclusive use with a domain name you own. It's not really a "private" SSL as it will be publically available, but it would be "private" in that it would belong to you exclusively.

If you don't understand about an "SSL authority" you'll need to do some searching via Google.

SSL certificates can be inexpensive to buy, but in most cases you also need a dedicated IP for it to work. Since IPs are in such short supply don't expect to get the IP address for nothing from your provider. In fact, IP's are now getting more and more expensive to purchase and I've seen some hosts starting to charge up to $10 per month for a dedicated IP address.

 

when we take shared ssl, ip is not giving y?if we take private ssl ,ip is giving ?

 

If it's a shared SSL provided by a hosting company for you to use, you don't need a dedicated IP address. The Shared SSL will have a dedicated IP address but neither the certificate or the IP address it runs on will belong to you. It might seem a strange concept if you've never used a shared SSL from a host before, but it is a legitimate way to set things up and it does work.

With some hosts, a shared SSL for some hosting plans will be the only type of SSL that will be available.

 

I would say it is always a good choice to go for a low-cost SSL together with a dedicated IP if security is a concern.

 

@RonBrown got it spot on, I just want to elaborate a couple of things and basically summarize his explanation in a few words for better understanding.

Simply put a Shared SSL protects your website on a server level (while protecting all the other websites on the same server) and a Private SSL is issued to protect your website and its visitors only.

That being said all web hosts should provide you with a Shared SSL. If they don't, this is a serious alert that they are not protecting their own servers and the clients placed on them. When a certificate is not recognized it doesn't mean its Shared or non-existent, its simply that the browser can't recognize it, which can be fixed with a simple exception.

If you have an online business taking payments or collecting any kind of visitor data it is important to have a Private SSL. This gives a sense of trust to your users and they feel more comfortable sharing their personal/billing info. Normally you would only need a Private SSL on the actual order page, or the page where the clients submit the details. Should there are multiple pages that need protection you might want to look into Wildcard Private SSL's.

Then comes the Dedicated IP. It is essential if you want to have a Private SSL. Because of that many hosts have already made it a bundled product (you pay for the SSL and get the IP+installation for free). We are doing so and I know that many others are doing it too.

Hope that helps.

 

my site is about movie news updates ,is shared ssl is sufficient to me.

 

No you won't. If the shared SSL is correctly set-up there will be no pop-up warning because the certificate will be valid.

You should know A LOT better than to self advertise the hosting company that is in your signature.

 

Correct, to a point. Even if you properly set it up, you cannot control what browser and version the visitor is using and they might still get the message, its not something you can completely overcome.

 

Sorry, but there's no "correct to a point" about this. If the shared SSL is properly set up then they will not receive a security warning about the SSL just because it is a shared SSL.

Browsers not recognizing certificates does happen (although not often these days) but that's got nothing to do with whether the SSL from that supplier/certificate authority is used as a shared SSL or a dedicated SSL (or a "private" SSL, if you prefer). Maybe that's what you meant, but it wasn't clearly stated, and this discussion is about the merits/problems of a shared SSL compared to a dedicated SSL.

 

I would recommend having a dedicated IP and your own SSL certificate. It really does depend on your needs but if you want extra security insurance it may be worth talking to your host about the process.

 

I would say the big thing with any SSL certificate is visitor trust, and if a SSL certificate on a dedicated IP provides that better, it is fairly inexpensive. You can check out someone like namecheap or ssl.com to get this done very quickly.

 

The Whole point of having a SSL is to show your client that you care for there security by encrypting the connection. With a shared SSL, the purpose seems to be lost and no browser would support Shared SSL. Its better to have none rather then a security warning popup every time your visitor visits your website and do consider getting a private SSL, Usually Starts at around $5 a year.

 

You obviously have no idea what you are talking about. A shared SSL is a valid method of providing SSL to your customers and it WILL NOT cause a security warning to pop up. If there is a security warning it's because the certificate supplier is not being recognized by the browser and that would happen irrespective of whether it was a dedicated or shared SSL.

 

Well of course you would, but a dedicated IP and SSL is no safer than using a shared SSL. There are reasons why a dedicated SSL is better than a shared SSL but it's got nothing to do with the validity of the certificate or the security it provides, and not a single person has mentioned any real benefits.

With Google annoucing that sites with SSL will probably eventually be ranked above those without an SSL, irrespective of content, then there is going to be an explosion of people wanting to purchase SSL certificates for their web sites, and the fact is no host in the world has enough IPs available to allow that to happen. IPV6 will give more scope, but its still not largely adopted.

The days of dedicated IPs with SSLs are fading fast, and SNI (Server Name Identification) will become the most common way of providing SSL certificates without having to provide a dedicated IP address at the same time. With SNI you'll find hosts charging a premium for a dedicated IP when they are no longer necessary for SSL.