It’s been a while since we’ve done an Ask SkyVerge question! This question comes from Sati:
What is the best SSL certificate for WooCommerce? Is there a particular SSL certificate that I should use for my store?
Most of the payment gateways available for WooCommerce will keep customers on your site during the checkout process, and therefore require and SSL certificate to secure your customers’ payment information. However, we recommend that all stores use an SSL certificate anyway, as they protect login information for you and your customers. Without an SSL certificate, these details are sent in plain text to your server and could be intercepted.
First of all, here are a couple of good resources we recommend checking out for payment gateway and SSL information:
You don’t need a certain kind of SSL certificate to use with WooCommerce, so the good news is you’ll be able to choose whichever is most appropriate for your business. There are 3 major kinds of SSL certificates (in order of increasing cost):
- Domain Validation (DV): Setup just checks on who owns the domain and displays the “lock icon” and
https://to site visitors. Quick and easy to install.
- Organization Validation (OV): Checks into site ownership and displays the “lock icon” and
https://to site visitors. Takes a bit longer as some company details are vetted.
- Extended Validation (EV): Requires in-depth vetting of company ownership and details. Displays the “green bar” over the company name and
https://to site visitors. Takes a couple of days to obtain and costs the most, but illustrates validity and encourages trust (which can lead to higher conversions). Here’s an example of what it looks like:
The only other thing to consider is whether or not you need a Wildcard certificate. Let’s take WooCommerce as an example. Their main site is WooCommerce.com. However, they also have a support site (support.woocommerce.com) and documentation site (docs.woocommerce.com), which are subdomains of their primary domain name. If you purchase a regular SSL certificate, you’ll have to protect each of these domains with a separate SSL cert. If you purchase a Wildcard certificate, you can protect your primary domain along with any subdomains. As some store owners like to locate their store at
shop.mysite.com instead of
mysite.com/shop/, this can sometimes save money and be easier to manage.
Our favorite place to purchase SSL certificates is DigiCert, though they’re more expensive than most options (starting at $139 / yr). They offer excellent support if you have questions or issues, and also offer free certificate re-issues in case you change DNS services (who keeps the record of your domain name ownership). DigiCert certificates are compatible with almost any browser, and they offer excellent warrantees in case of issues resulting from improper certificates. This protects you if customers suffer damages from improper certification.
If DigiCert is too expensive, we also recommend purchasing from either Namecheap or DNSimple, both of whom resell SSL certificates for a lower price. We also typically purchase all domain names at Namecheap, then switch DNS hosting to DNSimple. SSL certificates from DNSimple start at $20 per year (you must use their DNS hosting already), and certificates from Namecheap start at around $10 per year.
Have other SSL questions? Ask in the comments!