I thought you would like to see the prices on this webpage in , but you can change that instantly, thanks to the Canadian Mind Products CurrCon Applet that you too could use on your own website to display prices in any world currency using today’s exchange rates.
|Digital Certificate Vendors|
|Company||Types of Certificate Sold. All prices are in|
|Company||Types of Certificate Sold. All prices are in|
|A-trust||Code signing certs. per year. SSL (Secure Sockets Layer) certs per year. Site is in German. Last revised/verified: 2011-10-31|
|Actalis||Italian certificate authority. Website is only in Italian. SSL certs. Install roots. Last revised/verified: 2009-08-09|
|Affirm Trust||SSL. Last revised/verified: 2011-10-31|
|CaCert||Welsh certificate authority. Free SSL
SMIME, IM and Open Office digital signing certs. Java, Authenticode and Mozilla XPI
Code Signing Certs after you acquire 100 points of trust. Install
Last revised/verified: 2008-03-04
|Certs4Less||Sell Thawte certs for per year|
|Certum||A Polish company offering over a dozen different types of certificate including code signing certificates. Code signing certificates are free for anyone involved in an open-source project. They also offer a free timestamping service to provide undeniable proof that digital data were not modified or backdated. Prices are higher than previously, but still well below the competition: e.g. for a Java code-signing certificate and to renew. Unfortunately, code-signing roots are not built into cacerts. Last revised/verified: 2007-04-23|
|Camerfirma ( not Camerafirma)||Spanish. Last revised/verified: 2013-02-09 Sell SSL, code signing and many kinds of certificates I have never heard of.|
|Cren||Institutional Certificates, e.g. entire universities. Cost is per institution based on size.|
|Comodo aka InstantSSL||SSL certs from free to for a one year. Comodo owns the following root certificates: UserTrust Network/AddTrust, AAA Certificate Services, Secure Certificate Services and Trusted Certificate Services. These roots are present in Opera and IE (Internet Explorer). IE has Comodo-branded certificates in the Intermediate Certification Authority Section. This is the important place for Authenticode certificates. The AAA Certificate Services root certificate is present is Java’s cacerts. The usual problem with using a low cost certificate is not everyone has the root certificates pre-installed. Comodo does not appear to have that drawback. Authenticode Code Signing certificates for *.exe, *.ocx, *.dll, other *.cab files, or PAD (Portable Application Description) *.xml files are for one year. Last revised/verified: 2012-12-15|
|DigitCert.com||SSL cert per year. Last revised/verified: 2007-04-23|
|Ebizid||SSL Cert to per year. Last revised/verified: 2007-03-23|
|Entrust (USA)||personal email certificates(free), SSL Server(free), VPN (Virtual Private Network) [VPN] (free), SET (free). Free certs are 60-days for testing only. To use them you must first load the Entrust root authority cert into your browser. The code-signing certs appear to have been dropped. Production SSL certs for a year. Last revised/verified: 2007-03-23|
|Firmaprofesional||SSL, code signing, many others. Site is in Spanish. Last revised/verified: 2011-10-31|
|GlobalSign||PersonalSign Demo dual purpose S/MIME (Secure Multipurpose Internet Mail Exchange)
email and SSL
/year. Opera already has the necessary root certificate installed.
PersonalSign 2 email cert /year.
PersonalSign 2 pro qualified email cert, also for digitally signing documents /year.
PersonalSign 3 pro qualified email cert, requires you to visit GlobalSign office to present your credentials. /year.
SSL or TLS (Transport Layer Security) Server /year. Last revised/verified: 2007-03-23
per year. Last revised/verified: 2007-04-23
Authenticode code signing certs per year. Last revised/verified: 2012-12-15
|Ksoftware||Code signing certificate. Multipurpose. Handles Java, Authenticode and many others. Affiliate of Comodo. a year. This is a remarkably good price. Once you place the order, from then on Comodo handles everything. I have ordered a two year certificate. I need to check though that their root certs are preinstalled everywhere I want to use them such as Java cacerts, Excelsior Jet, Windows, Opera and other modern browsers. I have not yet found the root certificates to check, though the company assures me they are universally supported. I also read about some people having trouble using Comodo Authenticode certs to sign PAD XML (extensible Markup Language) files. The vendor says they have successfully signed PADs (Portable Application Descriptions) with them. They also offer a free document signing service with timestamping. Your general purpose certificate is good for this too. requirements. It is best to use Firefox or Chrome to apply, not Opera. Applying for a code signing certificate is quite a production. You must provide multiple proofs you or your company is who you claim. They take Visa, MasterCard, Discover, American Express and PayPal.|
|PGP Pretty Good Privacy||Certificate server software you install issues PGP certificates. PGP Freeware. Last revised/verified: 2007-03-23|
|Let’s Encrypt||Free SSL certs, but valid only for 30 days. I find this odd since it greatly increases their overhead.|
|SSL Shopper||Sell Java code-signing certs from four different companies.|
|QualitySSL, née InstantSSL||128-bit SSL certificate per year for Intranet SSL to per year for wildcard. Last revised/verified: 2007-04-23|
|TC Trust Center||personal email certificates . SSL 1 year. Mobile Java 1 year. Java code signing 1 year. corporate root trusted authority certs. time stamping. Last revised/verified: 2010-08-16|
|TrustWave née SecureTrust née XRamp||EV (extended validation) SSL certificates Last revised/verified: 2007-03-23|
|StartSSL||free SSL certificates. Free actual certificates, not test certificates. This sounds bizarre. How do they make money? What’ the catch? Last revised/verified: 2010-03-26|
|Serifitseerimiskeskus||SSL. Site is in Estonian. Last revised/verified: 2011-10-31|
|Symantec||Symantec offers a timestamping service with their certificates. They offer code-signing and SSL certificates. SSL certs are to per year. They have four kinds of code-signing certificates for a year. Code-signing certificates use 2048-bit keys.|
|I like Thawte. They are friendly and co-operative.
|TuCows||Authenticode for signing PADS and Microsoft apps. Comodo 1 year , Thawte 1 year .|
|Turktrust||SSL , document signing. Site in Turkish and English. Last revised/verified: 2011-10-31|
|Verisign||Symantec bought out Verisign then killed it. Verisign was the prestige company for certs. If any cert will be supported,
recognised and accepted, it used to be Verisign. However, dealing with Verisign
was like dealing with IRS (Internal Revenue Service)
bureaucrats, very cold and businesslike. They were more set up to deal with
large corporations than individual developers. Their website was well
organised so you can quickly find the certificates you need and the prices.
|Verizon (USA)||née Cybertrust. Java code signing certs for . Sell SSL certs for a year. EVL SSL a year. Last revised/verified: 2011-01-05|
Consider buying a 2 or 3-year certificate. It costs less per year. It takes less of your time to buy and install it and you don’t have to reissue all your signed code each year because of an expired certificate.
Certificates cost almost nothing to manufacture. It costs the vendor nothing extra to use a fat key size. It costs the vendor pennies to renew a certificate for another year. So why are they so expensive?
The vendor has to research and vouch that every fact attested in the certificate is indeed true. This requires human labour. Usually there are problems. Vendor staff have to email/phone back and forth with the customer to resolve them. Very few customers are technically competent in certificates. They require handholding to apply for and install them. The more facts, the more labour, the higher the cost.Why then do the prices differ so much between vendors? If a vendor spends money on advertising, he builds a reputation. That helps him pressure browser vendors into including his root certificates. By making certificates expensive, only a rich clientele can afford them. They buy them for the same reason people buy Rolls Royces — to prove to others they are prosperous. The brand becomes associated with large wealthy customers. This gives both the brand and the customer prestige and lets the vendor charge extra, just like Rolls Royce.
This page is posted
Optional Replicator mirror
Your face IP:[220.127.116.11]
You are visitor number|