3 types of certificates DreamHost offers
You can add three different types of certificates in your DreamHost panel:
- Free self-signed certificate
- Free 'Let's Encrypt' certificate
- Paid Comodo certificate
The differences in these are explained below.
Free Self-signed certificate
You have the option to create a free self-signed certificate for your domain. These are secure, but since they are self-signed (and not signed by a trusted authority), a warning message appears in the browser when visiting the site.
- The following warning message appears in FireFox when visiting a site using a free self-signed certificate:
Potential customers might be discouraged by a certificate warning/error message and may not wish to do business with your site when they see this. If you intend to do business over the Internet, especially if you're going to handle electronic transactions, then DreamHost strongly recommends that you purchase a signed certificate for your domain.
You can add a self-signed certificate by adding Secure Hosting to your domain on the (Panel > ‘Domains’ > ‘Secure Hosting’) page. View the following article for further details:
Paid Professionally-signed certificate ($15)
As mentioned above, a self-signed certificate throws a browser warning when visiting the site. If you have a customer facing site, or more importantly, a site that handles sensitive information such as passwords and credit card data, a paid Comodo certificate is highly recommended.
Paid certificates show no browser warnings and offer additional information in the certificate to ensure its authenticity. For example, these certificates include Organizational Validation (OV) which gives your users more peace of mind to ensure the certificate was correctly issues to a legitimate organization.
If you’d like to purchase a professionally-signed certificate, view the following article
Free Let's Encrypt SSL certificates
Let's Encrypt is a new Certificate Authority (CA) that offers FREE SSL certificates that are just as secure as current paid certificates, although a paid certificate is still recommended for e-commerce sites since 'Let's Encrypt' certificates do not offer 'Organizational Validation'. This project was pioneered to make encrypted connections the default standard throughout the Internet.
View the following articles for further information:
A Unique IP address is NOT required to enable Secure Hosting. However, if you plan to use an eCommerce application it's strongly recommend that you add a Unique IP address to provide maximum compatibility with older Internet browsers.
For more information about Unique IP addresses (including instructions for adding one to your domain), take a look at the Unique IP article.