Mail List on 10 Jul 2013 05:34:42 -0700



Re: [PLUG] https Certificates Question


On Wed, 10 Jul 2013 07:40:45 -0400, David Coulson <david@davidcoulson.net>
wrote:
> On 7/10/13 7:35 AM, Mail List wrote:
>> I need to set up one of my apache web servers as a secure server with
>> https protocol.
>>
>> I'm wondering about the costs and potential pitfalls in doing so.
> What is the business case for SSL? Not to say you do it no matter the 
> cost, but in general if you need SSL there is justification to pay for 
> the cert.
>>

I'm writing a web application that will have personal data.  The user will
log in with a password, and then enter data of a personal nature into forms
on the web page.

My user base will be very unsophisticated, so any type of scary
"certificate may not be valid" popup message would be unacceptable.   I
don't care about the groovy logo, since that won't drive any sales revenue.

Basically, I need to safeguard customers' data, and make the safeguarding
transparent to them.

So I guess I'll start with one of the free certificates (startssl.com or
comodo.com) and see how they work.  If I don't get any scary messages when
using IE, I'm probably good to go.


Thanks to all for the comments and help!






>> A quick web search has found that commercial certificates from the "big
>> guys" are around $250/year.  However, I see that CAcert offers
>> certificates
>> for free.
> CAcert isn't a universally trusted certificate authority, as they have 
> not gone through the same certification/auditing process as the large 
> commercial vendors. In general, I would never run anything production 
> using their certificates.
>>
>> Can anyone point me to a good primer/reference for this, or let me know
>> how you fared establishing a secure web server?
>>
> I just buy certificates from Verisign (now Symantec). Maybe $500/yr for 
> a 'normal' cert, but never had any issues.
> 
> there is a smaller vendor - startssl.org - who offer free certificates, 
> but not sure how widely they are supported. Comodo keep trying to sell 
> me stuff, and they are pretty cheap - Think they got compromised a while
> ago, so we've avoided them.

-- 

Casey Bralla
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug