I can’t say I know where this started or why it started but it seems the hosting industry for the most part has taken SSL certificates and the lack of a customers education on the market and turned it into high profit margins.
It may look like I am picking on WPEngine here but I am not. They just happen to recently start offering SSL certificates. Since I am positive WPEngine cares about their customers much more than I am OK with calling them out a bit 🙂
Many other hosts do the same exact thing, reselling SSL certificates for many times what they actually pay for it while at the same time in most cases the entire process is automated. The goal of this post is simply to push the average user to take a bit of time to learn about SSL and become an informed consumer, and maybe save a few bucks in the process.
WPEngine now offers SSL Certificates
WPEngine is a fairly well known WordPress host. They can scale your sites in a way that most average WordPress users cannot even imagine. They also just announced a week ago that they offer SSL certificates now! This is great for customers because the process before of getting SSL setup may have been a bit daunting trying to figure out their CSR’s and getting the keys and validating their domain. For some this is amazingly easy, for the average WordPress user CSR is just another acronym they do not care to know. This potentially complex process is now just a few clicks away! Awesome right?!
You can get WPEngine’s $50 SSL certificate from NameCheap is $10.95
Based on this comment the SSL certificate you receive from WPEngine is a RapidSSL certificate. If you were to shop around that same RapidSSL certificate is $10.95 on NameCheap. It is even cheaper if you buy it for a longer period or if you buy a lot of SSL certificates/domains from NameCheap you can get reseller pricing (I have level 2 reseller pricing).
So whats the difference?
The difference is you have to do a little more work for your NameCheap certificate. Not that it is a hard process:
- Generate your CSR and upload it to NameCheap. I use a little wizard that gives me some text I can paste rigt into my terminal.
- Validate your email by clicking a link that gets emailed to you.
- Download your SSL certificate files and send them to WPEngine in a support ticket.
All together this is maybe 5 minutes of copy/pasting/waiting for an email/sending a ticket work. When I can save a few bucks by doing something myself I’m all for it, especially when 5 minutes can save me $40.
But you are willing to spend $40 to not have to spend maybe an hour to learn how to do this?
Sure! More power to you and WPEngine will of course take care of you. There is absolutely nothing wrong with buying your SSL certificate from WPEngine or any other host. Let me show you a little basic math here though.
Say you run three sites, and two of them need SSL certificates. You do not want to buy the certificates for long term just yet so you are going to renew it annually. Let’s see the cost difference over the course of three years.
Two Sites * $49.99 * 3 Years = $299.94
Two Sites * $10.95 * 3 Years = $65.70
A direct cost savings of $234.20. Now say you value your time at anywhere from $50-$100 an hour. Subtract the value of one hour of your time from that savings, are you still in the green? Do you run multiple sites that you want to setup SSL for? Then maybe it is time to sit down for an hour and learn the basics of SSL and save yourself a little bit of money.
Now imagine you run an agency and you have 20 sites you host on WPEngine that require SSL. Are you ready to save $800?
All that said, there are much worse hosts to buy SSL certificates from. There maybe one host out there that sponsors a NASCAR driver that went out and made themselves a certificate signing authority and branded their own certificates and charges the same $50 price for them while still making you do all the work.
PS: Sorry WPEngine! 🙂