Chances are, you already have an SSL provider – the importance of SSL/TLS certificates has long been accepted and ever since browsers started highlighting unsecured websites, over 95% of website traffic is now being served as HTTPS encrypted traffic.
But what if, like many relationships born on the internet, the attraction is starting to fizzle out? Maybe you rushed into a relationship with the first SSL provider you could find, in a rush to fix all your web security problems. As it turns out, you and your SSL provider aren’t such a great match after all.
It’s a likely story – but there’s reason to hold out hope for something better.
In this blog, we’ll help you spot what actually makes a great SSL provider, and how to make the switch once you’re ready.
The good news: breaking up with your current SSL provider isn’t so hard to do. In fact, the process is mostly straightforward. And to make it as simple as possible, we’ve created a handy checklist for you. If you have any questions or need any assistance – we’re here to help you with your next SSL/TLS certificate!
What you have: Your certificate status quo
If you have a small eCommerce website, chances are you know your exact number of SSL/TLS certificates and who your SSL provider is. But what if you are a global company set up with different IT teams, different websites, and use cases for SSL/TLS certificates?
It is important to keep track of your certificates: which ones you have, what they are securing, when they are expiring, and who is the administrator. Only then can you be sure that your environment is secured at all times without interruptions.
But if manually pulling together a certificate inventory doesn’t sound like your idea of a good time, GlobalSign offers a free tool called the Certificate Inventory Tool (CIT) which lets companies track down their SSL/TLS certificates, monitor expirations, issuing CAs and validity periods, both for internal and external certificates.
What you need: Your certificate wishlist
Now that you have an understanding of your current setup, the next step is to determine what your future setup should be like. Have you been daydreaming of automated certificate management tools? What is your internal vs external usage going to look like? Do you need to consider API integrations?
The answers to all of these questions will help form a picture of your requirements and a long-term certificate strategy. The answers to those questions are also really useful when approaching potential SSL providers. They will help you determine your best SSL provider match.
What it costs: Can you save money with a new SSL provider?
When looking at SSL/TLS certificates it’s all too easy to only focus on the initial expenditure of the certificates.
When you start to compare SSL providers, there are more costs to consider:
- Ongoing operational costs – How much internal IT time will you need to spend to manage and maintain your SSL setup?
- Platform costs – Is there a cost involved for platform setup or usage?
- Cost of failure – What consequences would it have to your company if certificates expired?
Depending on your internal public key infrastructure (PKI) knowledge, the answers can be widely different, but should all be considered in cost calculations.
What’s your match: Find an SSL provider that treats you like an equal partner
With a cost overview in mind, you can start looking at your SSL provider match. We already have a great blog giving more details of what makes a good SSL provider, but here’s a summary.
History and reliability: Choose a CA that has many years of industry experience and established roots and trust anchors
The SSL platform: How easily can you manage your SSL/TLS certificates on an ongoing basis? Think rollout, reissues, renewals and revocations!
Easy and flexible: Pick a provider that can give you a deal to match your requirements. You shouldn’t have to compromise on your needs.
Support: Does the SSL provider have a strong support team on hand to help you navigate your specific setup and requirements?
Innovation and automation: SSL/TLS certificates shouldn’t be a manual tedious process – with integrations to enterprise systems like Active Directory or Mobile Device Management Platforms (MDMs) and support for protocols like SCEP and ACME you can save your IT teams precious time by automating your PKI processes.
Who is the best SSL provider?
Truth be told – it depends. It depends on your current internal systems, processes, and goals. It depends on your requirements. And it depends on your internal PKI knowledge. The best starting point is collating some information with the help of our free SSL provider checklist. See below or click here to download and fill in the PDF.
- Which domains and subdomains do you need to secure?
- Is the solution for you/your company or your customer?
- Are you a registered company? Yes/No
- How many internal/ external SSL/TLS certificates are you currently managing?
- Are you looking to manage other types of certificates, too (e.g. Document Signing, Code Signing, Secure Email)?
- When are you looking to implement a solution?
Reputable SSL providers will then be able to give you a customized recommendation. Our team at GlobalSign are always happy to talk and help, should you have any questions or are considering an SSL provider switch.
Don’t leave your company’s website and user security up to chance. Choosing GlobalSign as your SSL/TLS certificate provider is the best way to issue vetted and validated digital identities across your enterprise and automatically manage the lifecycle of all your digital certificates.