| Lee H. Marzke on 10 Jul 2013 08:38:37 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] https Certificates Question |
Firefox 21.0 on Ubuntu 12.04 64 bit accepts it. ----- Original Message ----- > From: "Jonathan Simpson" <jonathan@jdsnetwork.com> > To: plug@lists.phillylinux.org > Sent: Wednesday, July 10, 2013 11:26:17 AM > Subject: Re: [PLUG] https Certificates Question > > There's a free startssl cert on https://talks.fosscon.org if > you'd like to check if your browser(s) accept it. > > On 7/10/2013 11:14 AM, Lee H. Marzke wrote: > > I don't think the free certs are recognized widely by > > browsers. > > > > I'm using rapidSSL sold through zoneedit, $24/yr for > > single host and > > $125/yr for wildcard. They claim %99.9 browsers > > accept them. > > > > I don't use them for e-commerce, but things like my > > secure/large file > > transfer appliance ( file drop server ) > > > > The rapidSSL cert through the main site is $49/yr , don't > > understand that > > I guess zoneedit is selling wholesale to their clients. > > > > Lee > > > > > > > > ------------------------------------------------------------ > > > > *From: *"Sam Gleske" <sam.mxracer@gmail.com> > > *To: *"Philadelphia Linux User's Group Discussion > > List" <plug@lists.phillylinux.org> > > *Sent: *Wednesday, July 10, 2013 10:11:57 AM > > *Subject: *Re: [PLUG] https Certificates Question > > > > On Wed, Jul 10, 2013 at 7:35 AM, Mail List > > <maillist@nerdworld.org > > <mailto:maillist@nerdworld.org>> wrote: > > > > I need to set up one of my apache web servers as a > > secure server with > > https protocol. > > > > I'm wondering about the costs and potential > > pitfalls in doing so. > > > > A quick web search has found that commercial > > certificates from the "big > > guys" are around $250/year. However, I see that > > CAcert offers > > certificates > > for free. > > > > Can anyone point me to a good primer/reference for > > this, or let me know > > how you fared establishing a secure web server? > > > > > > Hi Casey, > > Allow me to clarify what you intend. Are you planning > > on making your web server public for people not > > affiliated with you or your company to use? Or is > > this web server planned for internal/personal use? > > > > If you're trying to run a shopping cart for people to > > interact with your business and your customers are > > random people on the internet then you should > > definitely get a signed certificate from a well known > > and accepted authority (there are a number of them). > > If this is meant for your own internal use then I > > suggest running your own personal certificate > > authority and trusting your certificate authority > > certificate in all the devices that need to connect to > > your servers (phones, web browsers, etc). > > > > You can manage your own personal CA using the openssl > > tools pretty easily. > > > > CA management from Linux, > > http://www.g-loaded.eu/2005/11/10/be-your-own-ca/ > > > > CA management from Windows, > > http://sourceforge.net/projects/xca/ > > > > You can have a trusted model with your own > > "self-signed" certificates by running a certificate > > authority. This is not recommended if the public > > needs to access your server because they won't have > > your CA trusted. > > > > SAM > > > > ___________________________________________________________________________ > > Philadelphia Linux Users Group -- > > http://www.phillylinux.org > > Announcements - > > http://lists.phillylinux.org/mailman/listinfo/plug-announce > > General Discussion -- > > http://lists.phillylinux.org/mailman/listinfo/plug > > > > > > > > > > -- > > "Between subtle shading and the absence of light lies the > > nuance of iqlusion..." - Kryptos > > ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug