N
N
nsauk2014-03-27 19:41:14
Digital certificates
nsauk, 2014-03-27 19:41:14

Reselling SSL certificates at low prices: what's the catch?

This question is not one that can be answered in a practical way, but would like someone to explain. Perhaps not only I would like to. There is a Positive SSL
certificate , and Comodo itself asks 49 euros for its issuance. At the same time, the same one will be issued on ssl.com.ua for $15, on namecheap.com for $9, and on gogetssl.com in general for $4.85.
Those. small companies are reselling (it is wrong to use this word, of course, in relation to issuing digital certificates signed by the right company, but everyone does) certificates of large suppliers at much lower prices. If this is not self-activity, as a result of which the issued certificates can be canceled, then what is the profit for these largest suppliers? They seem to be losing profits.

Answer the question

In order to leave comments, you need to log in

3 answer(s)
V
Vladislav Dovoretsky, 2014-03-28
@gogetssl

Actually, it's even easier. By purchasing certificates in large volumes, the reseller receives very good discounts. PositiveSSL is not the main product for earning such companies, it is a secondary product that helps various start-ups, and even small companies, to get a certificate, and not expensive.
The exceptions are small and medium-sized hosting providers, which, say, buy PositiveSSL for $3.75 and sell it on their website for $6, of course, there is practically no income here, they do it only as an extra. Service for your clients. Although those few who focus on more expensive products have a decent income.
I would like to say that only 2-3 companies in the world sell certificates at such a low price, because. are strategic partners of Comodo.
Savings on support, servers. I will give a good example, you will need to pay a minimum of 100 thousand USD. per year to get PositiveSSL for $6-7 per year directly from Comodo, not to mention even lower prices. So just imagine the number of clients a reseller needs to not only survive, but earn. For such a number of clients, investments will be required, and not small ones.
But who really saves is the vendor himself,and Comodo, and RapidSSL, and all the rest. It would seem that their price is $49, resellers pay $4-8, profitability should fall, but no, on the contrary ... And everything is as simple as always, with the advent of large resellers, vendors stopped investing in advertising, marketing, and even support , since all these costs began to be borne by partners. A reseller who pays the vendor astronomical amounts every month, as sales are needed, needs to invest in advertising, the same marketing, and support. There will be a bad caliper, they will go to competitors.
It's not good to set yourself as an example in this case, but I will describe only a few costs of the project, in the recent future, competitors got into the habit of throwing DDOS attacks, protection costs about 500 USD. monthly, 6,000 per year. With a large volume of clients and a load, it is very important to stay online, which is why you have to have servers in different data centers in Europe with full real-time data replication, this results in such a pretty penny that sometimes it’s sad. And then there's a team of technicians, accountants, and so on...
Comodo PositiveSSL targets RapidSSL rather than StartSSL. Not only Comodo does this, the same RapidSSL also officially costs $49, but there are places where you can buy it for $7-8-9.
We will be happy to answer any questions.

V
Vladislav Dovoretsky, 2014-03-28
@gogetssl

@nSauk
I'll comment on the cost though. For DV certificates, there is of course automation, but for its performance you need servers, capacities, and it is unnecessary to forget that each vendor pays a lot of money to each software and hardware manufacturer in order for their certificate to be accepted. This needs to be agreed with every Google, Firefox, Cisco ...
But for business certificates, real people are involved who check companies, fees are often paid to business registers to obtain data, and so on, but this is another topic.
As for secrets, no secrets. There is an API with a vendor, and the vendor directly issues the certificate and only. Even if you take SUB-CA, your own certificates, they will be signed by either Comodo or Symantec.
We usually have at our disposal: the certificate itself (CRT), Intermediate-CA files, CSR code, and sometimes PrivateKey, but only if the client generated a CSR / PrivateKey pair in our system.
We can set the settings for the certificate, for example SHA-1, SHA-2, domain type, Wildcard, EV. By the way, we are one of those

V
Vlad Zhivotnev, 2014-03-28
@inkvizitor68sl

The cost of certificates is zero. They save on support, servers, and much more.
In which case, it will be harder to knock out insurance, most likely. Although I am not aware of any cases where someone received insurance under a certificate.
Well, you need to compare certificates. There really can be a certificate of the "third" level (although now they have begun to select intermediate certificates for signing from everyone).
In general, in the case of Comodo, everything is very simple - they really do not like to sell cheap certificates, but they want to have the market. Therefore, they themselves are mainly engaged in expensive EVs for legal banks, etc., and all the little things are dumped on partners. They clearly do not allow partners to sell the same Enterprise Platinum.
Comodo needs to somehow compete with StartSSL, they decided to do it this way (in principle - it's reasonable, you won't get hemorrhoids with these cheap certificates in support). Plus, it's probably easier for them to sell through resellers outside the US for legal reasons.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question