NAVIGATION
CATEGORIES
REFERRENCE
LINKS
where do I buy a SSL certificate?
13 answers - 623 bytes -
Hi
I've got at website that needs to run https and I understand you need to
purchase an SSL certificate to do so. But what is a fair price and does
it matter from who I buy and what I buy?
My site is located in .dk and the only reason for the https is, I have
som images that is included in a webshop (running https) on another
website (fortunately I don't have to install the certificate myself, the
company hosting my site does that).
rapidssl.com has a certificate which seems okay to me - one year $69
().
Should I go for that ?
Thanx
AskNo.1 | | 584 bytes |
| 
Ask Josephsen wrote:
Hi
I've got at website that needs to run https and I understand you need to
purchase an SSL certificate to do so. But what is a fair price and does
it matter from who I buy and what I buy?
You'd better take care that the issuer's cert is already shipped with
most webbrowsers.
The bigger problem is that every such CA is a scumbag, especially the
cheaper ones.
rapidssl.com has a certificate which seems okay to me - one year $69
().
Should I go for that ?
This one's not.No.2 | | 218 bytes |
| You can create your own self-signed certificate, it will give your user
a warning about it, but works just the same http://www.verisign.com is
probably the biggest seller of certs, very trustedNo.3 | | 440 bytes |
| Journeyman wrote:
You can create your own self-signed certificate, it will give your user
a warning about it, but works just the same http://www.verisign.com is
probably the biggest seller of certs, very trusted
I'd trust a random self-signer more than VeriSign. I just remember some
anonymous guy anonymously phoning VeriSign and they gave him a signature
for a cert with CN=Microsoft Corporation.No.4 | | 163 bytes |
| hi,
have a look at http://www.cacert.org
they offer certs for free but the root cert is (not yet) included in most
browsers
jewoNo.5 | | 653 bytes |
| Ask Josephsen wrote:
Hi
I've got at website that needs to run https and I understand you need to
purchase an SSL certificate to do so. But what is a fair price and does
it matter from who I buy and what I buy?
My site is located in .dk and the only reason for the https is, I have
som images that is included in a webshop (running https) on another
website (fortunately I don't have to install the certificate myself, the
company hosting my site does that).
rapidssl.com has a certificate which seems okay to me - one year $69
().
Should I go for that ?
--
Thanx
AskNo.6 | | 130 bytes |
| unixsphere wrote:
Yeah, the guys who're sending you an encrypted cert and the password in
cleartext.No.7 | | 1396 bytes |
|
Ask Josephsen <ask_rem@rem_minreklame.dkwrites:
I've got at website that needs to run https and I understand you
need to purchase an SSL certificate to do so. But what is a fair
price and does it matter from who I buy and what I buy?
it is also possible to generate your own self-signed SSL certificate
and have clients that need to access your site validate the
certificate via some out-of-band process.
i regularly access some number of https sites with self-signed
certificates where my browser initially complains it is signed by
an unknown certification authority (itself) and gives me an
opportunity to view it, accept it for the current session, and/or load
it for long term acceptance (basically into the same repository that
contains the certification authority self-signed digital certificates
that were loaded as part of building the browsers).
if you really want to buy one go to the security menu in the
browsers (that will be typically used by your clients) and do a list
of the currently loaded self-signed digital certificates this will
give you an indication of which certification authorities that the
browsers are currntly configured to automatically accept.
numerous collected past postings mentioning ssl and ssl digital
certificates
http://www.garlic.com/~lynn/subpubkey.html#sslcertNo.8 | | 1396 bytes |
|
Ask Josephsen <ask_rem@rem_minreklame.dkwrites:
I've got at website that needs to run https and I understand you
need to purchase an SSL certificate to do so. But what is a fair
price and does it matter from who I buy and what I buy?
it is also possible to generate your own self-signed SSL certificate
and have clients that need to access your site validate the
certificate via some out-of-band process.
i regularly access some number of https sites with self-signed
certificates where my browser initially complains it is signed by
an unknown certification authority (itself) and gives me an
opportunity to view it, accept it for the current session, and/or load
it for long term acceptance (basically into the same repository that
contains the certification authority self-signed digital certificates
that were loaded as part of building the browsers).
if you really want to buy one go to the security menu in the
browsers (that will be typically used by your clients) and do a list
of the currently loaded self-signed digital certificates this will
give you an indication of which certification authorities that the
browsers are currntly configured to automatically accept.
numerous collected past postings mentioning ssl and ssl digital
certificates
http://www.garlic.com/~lynn/subpubkey.html#sslcertNo.9 | | 1138 bytes |
| Anne & Lynn Wheeler <lynn@garlic.comwrites:
i regularly access some number of https sites with self-signed
certificates where my browser initially complains it is signed by
an unknown certification authority (itself) and gives me an
opportunity to view it, accept it for the current session, and/or load
it for long term acceptance (basically into the same repository that
contains the certification authority self-signed digital certificates
that were loaded as part of building the browsers).
the real major difference between a self-signed digital certificate
that you generate and a self-signed digital certificate generated
by some certification authority it that the certificate
authorities have convinced the browser vendors (typically by paying
them) to preload their digital certificates into the browser's digital
certificate repository when the browser is built.
however, it is straight-forward operation for clients to do
post-install administrative operations on their browser's digital
certificate repository (adding and/or deleting digital certificates).No.10 | | 1534 bytes |
| Anne & Lynn Wheeler <lynn@garlic.comwrote in
news:m33bf72kf9.fsf@lhwlinux.garlic.com:
Anne & Lynn Wheeler <lynn@garlic.comwrites:
>i regularly access some number of https sites with self-signed
>certificates where my browser initially complains it is signed by
>an unknown certification authority (itself) and gives me an
>opportunity to view it, accept it for the current session, and/or load
>it for long term acceptance (basically into the same repository that
>contains the certification authority self-signed digital certificates
>that were loaded as part of building the browsers).
>
the real major difference between a self-signed digital certificate
that you generate and a self-signed digital certificate generated
by some certification authority it that the certificate
authorities have convinced the browser vendors (typically by paying
them) to preload their digital certificates into the browser's digital
certificate repository when the browser is built.
however, it is straight-forward operation for clients to do
post-install administrative operations on their browser's digital
certificate repository (adding and/or deleting digital certificates).
Actually one of the best phishing (and related) attacks (where you have
access to another's machines) is to diddle the certificate repository.
Very few ever consider this security risk.
Regards,No.11 | | 786 bytes |
|
Ask Josephsen wrote:
Hi
I've got at website that needs to run https and I understand you need to
purchase an SSL certificate to do so. But what is a fair price and does
it matter from who I buy and what I buy?
My site is located in .dk and the only reason for the https is, I have
som images that is included in a webshop (running https) on another
website (fortunately I don't have to install the certificate myself, the
company hosting my site does that).
rapidssl.com has a certificate which seems okay to me - one year $69
().
Should I go for that ?
--
Thanx
Ask
Go Daddy offers the TurboSSL for only $19.95. I'm not sure what makes
the TurboSSL cheaper, but the info is here:No.12 | | 209 bytes |
| Go Daddy offers the TurboSSL for only $19.95. I'm not sure what makes
the TurboSSL cheaper, but the info is here:
I found a comparison page:
Seems like a bargain to me.No.13 | | 136 bytes |
| Thanx - all your comments did help a lot :)
I ended up buying the rapid SSL and it seems to work fine.
/ask
QUESTION ON "Security"
- CFP: IEEE in cooperated International Conference on Intelligent Agents, Web Technologies a
- Security feature in Microsoft's new Windows (Vista) could drive users nuts
- security camera system - solicate for proposal
- Wield the Shield: How Trustworthy Is Your OS?
- HTTP Scan without Log
- HACP Hacker against child pornography
- Homeland Security Training
- Microsoft patches Windows, Exchange flaws...
- CFP: IEEE in cooperated International Conference on Computational Intelligence for Modelli
- New site dedicated to security conferences : www.security-briefings.com
- Security feature in Microsoft's new Windows (Vista) could drive users nuts
- HACP Hacker against child pornography
- What do you think is causing this heat?
- authentication (SRP*, DH, TLS)
- 2nd Underhanded C Contest Begins
- tripwire - is it enough that I'll check database's hash?
- Open-source bug hunt results posted
- Scholars for 9/11 Truth & Justicefor911.org
- HEY NEIGHBOR, STOP PIGGYBACKING ON MY WIRELESS
- Webcam Security Camera Advice