CloudFlare SSL Certificate Detail


#1

I am looking to place an online shop under the CloudFlare plan but I (my client) wondered what the SSL certificate type is, is it “extended” or “standard”?
Also what level of assurance do the CF SSL’s give the client?
And whats the difference between the 3 types, are they all the same encryption type, ciphers, etc.
I’ve looked and found a list of ciphers but it isn’t clear which of the 3 types of SSL have these ciphers, or do all 3 have all of them?

Free = shared ssl with upto 50 other domains
$5 = dedicated ssl to your own domain
$10 = dedicated ssl to your own domain & name in security bar

But what is the actual differences (apart from what i’ve listed) and are they all the same ciphers, any assurance levels, etc.?

Could do with some infographics like:
https://www.ssls.com/ssl-certificates/comodo-ev-ssl

Sorry if its a stupid question, but I can’t find any detail
Thanks


#2

Cloudflare’s free certificate is a shared certificate with up to 50 other host names and uses SNI. The paid certificates behave the same (neither is an EV certificate so don’t display the company name in the green bar). The $5 certificate supports example.com and *.example.com. The $10 certificate supports up to 50 SANs.

All the certificates are issued by partner CAs, generally Comodo and/or Digicert and support the same cyphers.

If your customer wants an EV certificate they would need to order their own and upload a dedicated certificate (Business plan option).


#3

Thanks for the reply, which of your offerings would you recommend for an online shop?
Is the free version enough?
Is there any warranty, assurance, etc. with any of your SSL’s?


#4

The certificates are issued through our partners, I’m not sure if those ‘warranties’ apply such as they are… I personally don’t believe they are actually of any value as the terms and conditions are designed so that no one will ever be able to collect.

The free certificate is certainly fine for any site. Some customers prefer to have only their host name listed and so might choose to have a dedicated certificate. Others have existing certificates and wish to bring their own for consistency… there isn’t a wrong answer really as long as SSL is in use.


#5

Thanks, totally agree with the warranty, etc. but you know what clients are like, they read that they need an EV SSL and then its a matter of trying to explain why they don’t really or if they do then why it costs so much more.
I’ll go back to them and go through the different types and what they get with which (if i can figure that out).


#6

Some folks really like having the name of their company in the green bar… beyond that you’d be hard pressed to convince me there’s any value to an EV. But the CAs do conveniently market their most expensive offering as ‘the greatest thing ever’.


#7

There’s no public evidence any CA has ever paid out.

https://scotthelme.co.uk/do-ssl-warranties-protect-you-as-much-as-rocks-keep-tigers-away/


#8

This topic was automatically closed after 14 days. New replies are no longer allowed.