[dm2]

No, they're not a company that I personally would suggest.

I highly recommend Comodo bought from NameCheap: https://www.namecheap.com/security/ssl-certificates/comodo.a...

Another heartbleed type incident could happen in the near future (lots of eyes on that codebase now) and their strict policy will leave you choosing between coughing up $35 per certificate or leaving your site vulnerable.

There has even been a large amount of discussion regarding removing them from the trusted list of certificate authorities because most of their users can't afford to revoke certificates and have no choice but to leave their sites vulnerable.

[logn]

I also like Comodo+NameCheap. I once tried to buy Comodo elsewhere and the cert activation process was much less friendly (they didn't recognize my authorized whois email of record). Another nice perk I just realized, NameCheap gives you the whole term of the cert from the time you activate the cert, not from the time you purchase (maybe that's common though).

That said, I think the bad press StartSSL is getting is mostly undeserved. You can either choose a free cert with the outside chance you'll want to pay to revoke it, or just automatically pay up front every term. Probabilistically, they still have the cheapest option. And are site admins who can't/won't pay $35 really that likely to have a very secure server anyhow? That means they would have never bought SSL anyhow without StartSSL.