I would like to know what is the best free & paid SSL certificate provider at this time? I heard more about Let's Encrypt and used it but not sure there are some providers out there will be better than this. Any recommendations?
Unless you want an extended validation certificate (that are expensive) I'd just go with a free solution like Let's Encrypt which are just as good as a domain validated certificate apart from they have no insurance.
Let's Encrypt is free and there is no real competition for it. The other providers offering paid SSL certificates, you can choose CA based on your demand. I usually find GoGetSSL is a best place to buy different certificates, with the lowest pricing compared to others.
Let's Encrypt provide free SSL which uses ACME protocol which is to make it possible to set up an HTTPS server and have it automatically obtain a browser-trusted certificate, without any human intervention. This is accomplished by running a certificate management agent on the web server. The direct connection from your machine to web server will be encrypted.
Now with recommendation, its choice of client always. If you are going to use your own SSL on both cloudflare and webserver then cldouflare is recommended.
If you just want FREE SSL and entire encrypted connection then you can go with Lets encrypt.
One difference is that Let's encrypt is only valid for 90 days I think then it has to be renewed. The paid SSL-s are usually valid for 1-3 years.
I'm using let's encrypt in all my panel accounts due to the autorenewal module, but if I'm perfectly honest I buy the cert for my websites running on VPS-s as I don't have to bother renewing it. It's usually like 10 USD for 3 years.
Yes, there is no doubt Let's Encrypt is a best free & automated SSL certificate provider at this time and gained great popularity, however free SSL has several drawbacks:
- Let's Encrypt offers Domain Validated SSL certificate only.
- Free SSL valid for 90 days with automatic renewal option.
- Let's Encrypt does not offer Organization Validation (OV), Extended Validation (EV), Wildcard SSL or multi-domain SSL certificates. (Note: They will offer wildcard SSL in 2018)
- You can not use free SSL for Email encryption and Code Signing for securing downloadable software.
- There is no warranty and Lack of customer's trust because due to no organization validation.
Whereas, Paid SSL certificates are issued by Certificate Authority (CA) such as Comodo, Symantec, GeoTrust etc. and these certificates are valid for 1-3 years. You can find different types of CA signed SSL certificates at cheapest price (price from approx. $5 per year) from authorized SSL certificate reseller/provider of CA. If you are looking for Paid Extended validation SSL certificates, then I recommend you Cheap SSL Shop. So, you can choose SSL provider based on how many domains you want to secure with SSL and certain level of trust indicator that you want to display.
I would say Let's Encrypt certificate is one of the best available for free. Of course, it is valid only for 3 months, but it is free. We recommend them for clients who do not want to buy a certificate yet or do not need organisation validated SSL.
Our most popular paid certificate is Comodo Positive SSL. Mostly it is chosen because of the price and the reason that clients need the certificate for one domain only.