Drew Lehman on 11 Jul 2013 11:09:39 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] https Certificates Question


Don't forget that there are a few of us in the area that can confirm your identity for CACerts.

On 7/10/2013 8:28 PM, Casey Bralla wrote:
This page worked for me with IE 6.0 on XP.  It connected and didn't ask me
anything.

Thanks, Jonathan!


On Wednesday 2013-07-10 11:26:17 AM Jonathan Simpson wrote:
There's a free startssl cert on https://talks.fosscon.org if
you'd like to check if your browser(s) accept it.

On 7/10/2013 11:14 AM, Lee H. Marzke wrote:
I don't think the free certs are recognized widely by
browsers.

I'm using rapidSSL sold through zoneedit,  $24/yr for
single host and
$125/yr for wildcard.    They claim  %99.9  browsers
accept them.

I don't use them for e-commerce,  but things like my
secure/large file
transfer appliance  ( file drop  server )

The rapidSSL cert through the main site is $49/yr ,  don't
understand that
I guess zoneedit is selling wholesale to their clients.

Lee



------------------------------------------------------------

     *From: *"Sam Gleske" <sam.mxracer@gmail.com>
     *To: *"Philadelphia Linux User's Group Discussion
     List" <plug@lists.phillylinux.org>
     *Sent: *Wednesday, July 10, 2013 10:11:57 AM
     *Subject: *Re: [PLUG] https Certificates Question
On Wed, Jul 10, 2013 at 7:35 AM, Mail List
     <maillist@nerdworld.org
<mailto:maillist@nerdworld.org>> wrote:
         I need to set up one of my apache web servers as a
         secure server with
         https protocol.
I'm wondering about the costs and potential
         pitfalls in doing so.
A quick web search has found that commercial
         certificates from the "big
         guys" are around $250/year.  However, I see that
         CAcert offers
         certificates
         for free.
Can anyone point me to a good primer/reference for
         this, or let me know
         how you fared establishing a secure web server?
Hi Casey,
     Allow me to clarify what you intend.  Are you planning
     on making your web server public for people not
     affiliated with you or your company to use?  Or is
     this web server planned for internal/personal use?
If you're trying to run a shopping cart for people to
     interact with your business and your customers are
     random people on the internet then you should
     definitely get a signed certificate from a well known
     and accepted authority (there are a number of them).
     If this is meant for your own internal use then I
     suggest running your own personal certificate
     authority and trusting your certificate authority
     certificate in all the devices that need to connect to
     your servers (phones, web browsers, etc).
You can manage your own personal CA using the openssl
     tools pretty easily.
CA management from Linux,
     http://www.g-loaded.eu/2005/11/10/be-your-own-ca/
CA management from Windows,
     http://sourceforge.net/projects/xca/
You can have a trusted model with your own
     "self-signed" certificates by running a certificate
     authority.  This is not recommended if the public
     needs to access your server because they won't have
     your CA trusted.
SAM ______________________________________________________________________
     _____
     Philadelphia Linux Users Group         --
http://www.phillylinux.org Announcements -
     http://lists.phillylinux.org/mailman/listinfo/plug-announce
     General Discussion  --
     http://lists.phillylinux.org/mailman/listinfo/plug

Lee Marzke,  lee@marzke.net     http://marzke.net/lee/
IT Consultant, VMware, VCenter, SAN storage,
infrastructure, SW CM
+1 800-393-5217  office        +1 484-348-2230        fax
+1 610-564-4932  cell           sip://8003935217@4aero.com
VOIP




__________________________________________________________________________
_
Philadelphia Linux Users Group         --
http://www.phillylinux.org
Announcements -
http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --
http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug