You want to beware of what you're buying, chained certificates are OK if it's for something where you have a small number of users (say site admins) but you will look like an incompetent nitwit if your clients customers are getting browser security errors because they don't have the intermediate certificate installed in their browser.

My recommendation for ease of use and fast turnaround is Geotrust or one of their resellers.

I think the ones from GoDaddy work fine in most browsers. Or no?

I had a bad experience where a customer trying to save a buck who got one of the $15 dollar startech certs offered by GoDaddy was screaming at me because their customers were getting errors and invalid certificate warnings. It worked fine in the his browser because the first time you visited the issuing website it offered to install the intermediate cert in your browser. It didn't work for J. Random Shopper and the merchant in question didn't find out about this problem until he was helping his sister purchase something from the store.

Thus my antipathy to GoDaddy; they made $15 bucks off that merchant, but I will recommend against them, because it's pretty sleazy to play that kind of game on people.

Actually, firefox 3 on xp is missing a godaddy cert line. Just install the certificate chain/bundle instead of the lone certificate and you'll be ok.

There are certain corner cases where this doesn't work (one that comes to mind is WPA enterprise certificate negotiation in Windows XP, completely unrelated to HTTPS).

If the requirement for "virtually all browsers" includes esoteric mobile stuff I'd be concerned about intermediate certificate authorities. If you're doing desktop applications/common mobile applications, these providers will have solutions for you.

That's not completely true. Almost all certifiate providers issue chain certificate (even VeriSign) because it is better security practice. You simply need to install the inetermediate certificate on the server and none of the visitors will receive errors.

I wouldn't touch godaddy with a stolen computer to paraphrase the late George Carlin.

I've used GoDaddy SSL certs without any problem.

Considering they are 1/2 the price of instantssl.com, I'd say they're a fine option–especially if you're bootstrapping.

We've had great success with GoDaddy SSL too. Just because they have a terrible sign up process and UI doesn't mean that their products are terrible.

The problem with godaddy is that they seem to reduce costs very aggressively by automating about 95% of all cases. If you happen to have issues that fall within the remaining 5% you're totally screwed because they simply refuse to help. That's my experience anyway.

Agreed.

I should also mention that they have the lowest wildcard certificate I can find.

A few of my SaaS apps require this because they're subdomain-based. $200 is still a lot for a wildcard cert, but less than $379

why is that?

Because I've had a pretty bad experience with godaddy when it comes to domain names, that burns them as a supplier in my book, possibly they are 'better' when it comes to certificates but once bitten twice shy.