Sam Gleske on 10 Jul 2013 07:12:26 -0700



Re: [PLUG] https Certificates Question


On Wed, Jul 10, 2013 at 7:35 AM, Mail List <maillist@nerdworld.org> wrote:
> I need to set up one of my apache web servers as a secure server with
> https protocol.
>
> I'm wondering about the costs and potential pitfalls in doing so.
>
> A quick web search has found that commercial certificates from the "big
> guys" are around $250/year.  However, I see that CAcert offers
> certificates for free.
>
> Can anyone point me to a good primer/reference for this, or let me know
> how you fared establishing a secure web server?

Hi Casey,
Allow me to clarify what you intend.  Are you planning on making your web server public for people not affiliated with you or your company to use?  Or is this web server planned for internal/personal use?

If you're trying to run a shopping cart for people to interact with your business and your customers are random people on the internet then you should definitely get a signed certificate from a well-known and accepted authority (there are a number of them).  If this is meant for your own internal use then I suggest running your own personal certificate authority and trusting your certificate authority certificate in all the devices that need to connect to your servers (phones, web browsers, etc.).

You can manage your own personal CA using the openssl tools pretty easily.

CA management from Linux,
http://www.g-loaded.eu/2005/11/10/be-your-own-ca/

CA management from Windows,
http://sourceforge.net/projects/xca/

You can have a trusted model with your own "self-signed" certificates by running a certificate authority.  This is not recommended if the public needs to access your server because they won't have your CA trusted.

SAM
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
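
Added example, not part of the original message: the private-CA workflow the reply describes, carried out with the openssl command line (create a CA, sign a server certificate, verify it the way a client that trusts the CA would). The CA name, the host name `intranet.example.test` and all file names are constructed placeholders.

```shell
#!/usr/bin/env bash
# Added example: a private CA built with the openssl CLI. The CA name, the host
# name and every file name are constructed placeholders.
set -eu

write_conf() {   # $1 = work dir, $2 = server DNS name
  cat > "$1/pki.cnf" <<EOF
[req]
distinguished_name = dn
prompt = no
[dn]
CN = example-internal-ca
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_srv]
basicConstraints = critical,CA:FALSE
keyUsage = critical,digitalSignature,keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = DNS:$2
EOF
}

make_ca() {      # $1 = work dir; writes ca.key (keep private) and ca.crt (distribute)
  # -nodes leaves the key unencrypted so this runs unattended; omit it for a
  # real CA so openssl prompts for a passphrase.
  openssl req -x509 -new -newkey rsa:3072 -nodes -sha256 -days 1825 \
    -config "$1/pki.cnf" -extensions v3_ca \
    -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
  chmod 600 "$1/ca.key"
}

issue_server_cert() {   # $1 = work dir, $2 = server DNS name
  openssl req -new -newkey rsa:2048 -nodes -config "$1/pki.cnf" \
    -subj "/CN=$2" -keyout "$1/server.key" -out "$1/server.csr" 2>/dev/null
  openssl x509 -req -in "$1/server.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
    -CAcreateserial -sha256 -days 365 -extfile "$1/pki.cnf" \
    -extensions v3_srv -out "$1/server.crt" 2>/dev/null
}

verify_server() {       # $1 = CA bundle a client trusts, $2 = cert, $3 = host name
  openssl verify -CAfile "$1" -purpose sslserver -verify_hostname "$3" "$2" >/dev/null 2>&1
}

work=$(mktemp -d)
write_conf "$work" intranet.example.test
make_ca "$work"
issue_server_cert "$work" intranet.example.test
verify_server "$work/ca.crt" "$work/server.crt" intranet.example.test && echo "chain OK"
```

For Apache, `server.crt` and `server.key` are what `SSLCertificateFile` and `SSLCertificateKeyFile` point at, while `ca.crt` (never `ca.key`) is the file imported into each client's trust store.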