Mail List on 10 Jul 2013 05:34:42 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] https Certificates Question

On Wed, 10 Jul 2013 07:40:45 -0400, David Coulson <>
> On 7/10/13 7:35 AM, Mail List wrote:
>> I need to set up one of my apache web servers as a secure server with
>> https protocol.
>> I'm wondering about the costs and potential pitfalls in doing so.
> What is the business case for SSL? Not to say you do it no matter the 
> cost, but in general if you need SSL there is justification to pay for 
> the cert.

I'm writing a web application that will have personal data.  The user will
log in with a password, and then enter data of a personal nature into forms
on the web page.

My user base will be very unsophisticated, so any type of scary
"certificate may not be valid" popup message would be unacceptable.   I
don't care about the groovy logo, since that won't drive any sales revenue.

Basically, I need to safeguard customer's data, and make the safeguarding
transparent to them.

So I guess I'll start with a one of the free certificates ( or and see how they work.  If I don't get any scary maessages when
using IE, I'm probably good to go.

Thanks to all for the comments and help!

>> A quick web search has found that commercial certificates from the "big
>> guys" are around $250/year.  However, I see that CAcert offers
>> certificates
>> for free.
> CAcert isn't a universally trusted certificate authority, as they have 
> not gone through the same certification/auditing process as the large 
> commercial vendors. In general, I would never run anything production 
> using their certificates.
>> Can anyone point me to a good primer/reference for this, or let me know
>> how you fared establishing a secure web server?
> I just buy certificates from Verisign (now Symantec). Maybe $500/yr for 
> a 'normal' cert, but never had any issues.
> there is a smaller vendor - - who offer free certificates, 
> but not sure how widely they are supported. Comodo keep trying to sell 
> me stuff, and they are pretty cheap - Think they got compromised a while

> ago, so we've avoided them.


Casey Bralla
Philadelphia Linux Users Group         --
Announcements -
General Discussion  --