Is there a list hiding somewhere that shows which secure certificate providers Google recognizes, validates as trusted?
JOHN MEULLER (Webmaster Analyst from Google):
Some people are concerned that these newer, buy cheap SSL now’ type sellers might be selling bad certificates in Google’s eyes.” From our point of view, we essentially look at the type of certificate instead. so if it matches the minimum requirements of a good certificate in that it has the right or minimum number of bits length key, for example, then that’s something that we’d look at there. We don’t look at individual providers and say, well, this is a bad certificate provider, and this is a good one. If they have the trusted chain going up to the certificate authorities appropriately, then that’s essentially OK from our point of view. That’s not something where we’d say, well, your browser will trust this certificate, but we don’t trust it, We essentially try to mimic what the browsers will trust. There are also certificate providers coming more and more that are offering certificates for free, which can be just as useful because it gives you essentially all the advantages of HTTPS using TLS certificates without having to pay for them individually. So I think there’s an initiative, I think, by Mozilla and the EFF where they’re going to be giving away certificates in the summer, something like that, so if the price of a certificate has been holding you back, maybe that’s something worth waiting for and getting set up then.