Best SSL Certificate Provider

[othellotech]

PCI compliance for $38 a year?

The scanning - yes.

[andygambles]

The scanning - yes.

 

--fil--

[disgruntled]

yes most do, but not many ssl suppliers will provide prices/plans for over 12 months

 

I know geotrust do, upto 5 year purchases. although i dont think that covers EV due to requirements to resubmit documentation.

Edited June 12, 2012 by disgruntled

[disgruntled]

PCI compliance for $38 a year?

 

If you are clued up on PCI compliance it shouldn't cost anything more than the cost of system scanning and certs, so I think £38 dollars is a fair price, although I'm not 100% certain on it due to not needing to be. I take precautions to safeguard client data, but as yet I don't take onsite payments. Although I am sure there will come a time for it. just a case of as and when. I don't see that being any time too soon though.

 

As much as I like WHMCS, I think when the time comes that it will be more cost effective to take onsite payments, then WHMCS may be more of a limitation to my business than the asset that it currently it is.

 

In due course WHMCS wont be the linchpin because I will either have developed my own systems or have enough wedge to pay somebody to do it. either way I'm happy with.

[andygambles]

I know geotrust do, upto 5 year purchases. although i dont think that covers EV due to requirements to resubmit documentation.

 

EV certs have a maximum validity of 2 years. 5 year certs are also disappearing very soon from all providers.

[easyhosting]

The scanning - yes.

 

It produces PCI Compliance reports that are enough for my CC processors to show that i am PCI Complaint

[disgruntled]

EV certs have a maximum validity of 2 years. 5 year certs are also disappearing very soon from all providers.

 

 

Do you have an ETA for this? would be useful to know when its happening to update my system to remove the excess years

[andygambles]

Do you have an ETA for this? would be useful to know when its happening to update my system to remove the excess years

 

I believe the official date as agreed with the CAB forum is 1st July 2012. However providers have started disabling earlier.

 

Geotrust, Symantec, Thawte and RapidSSL will no longer be available after today for 5 years or more.

[easyhosting]

I believe the official date as agreed with the CAB forum is 1st July 2012. However providers have started disabling earlier.

 

Geotrust, Symantec, Thawte and RapidSSL will no longer be available after today for 5 years or more.

 

any links or proof. I have just contacted my contact at thawte and they have not heard anything about this as yet.

[andygambles]

any links or proof. I have just contacted my contact at thawte and they have not heard anything about this as yet.

 

If you are a direct partner the Partner API update (sent 4 June) spec states updates in todays (13 June) deployment include elimination of five and six year validity periods.

 

This is part of a staged reduction to bring certificates down to 3 years by 1 April 2015. See Section 9 of the CA Browser Docs

 

http://cabforum.org/Baseline_Requirements_V1.pdf

[andygambles]

any links or proof. I have just contacted my contact at thawte and they have not heard anything about this as yet.

 

I posted a link but it is waiting moderation.

[disgruntled]

I posted a link but it is waiting moderation.

 

post it without http or www i am sure we can figure out the rest

[andygambles]

Section 9 states that by April 2015 certificates will be reduced to 3 years. The industry is therefore gradually removing the years before this date

 

www. cabforum.org/Baseline_Requirements_V1.pdf

 

If you are a direct partner with thawte then the latest API spec update will have said they are removing 5/6 year certs as of 13 June (This was sent 4 June and also in Feb 2012).