Re: [PLUG] https Certificates Question

[Drew Lehman <dlehman@digitatech.com>]

Don't forget that there are a few of us in the area that can confirm 
your identity for CACerts.

On 7/10/2013 8:28 PM, Casey Bralla wrote:
> This page worked for me with IE 6.0 on XP.  It connected and didn't ask me
> anything.
>
> Thanks, Jonathan!
>
>
> On Wednesday 2013-07-10 11:26:17 AM Jonathan Simpson wrote:
> > There's a free startssl cert on https://talks.fosscon.org if
> > you'd like to check if your browser(s) accept it.
> >
> > On 7/10/2013 11:14 AM, Lee H. Marzke wrote:
> > > I don't think the free certs are recognized widely by
> > > browsers.
> > >
> > > I'm using rapidSSL sold through zoneedit,  $24/yr for
> > > single host and
> > > $125/yr for wildcard.    They claim  %99.9  browsers
> > > accept them.
> > >
> > > I don't use them for e-commerce,  but things like my
> > > secure/large file
> > > transfer appliance  ( file drop  server )
> > >
> > > The rapidSSL cert through the main site is $49/yr ,  don't
> > > understand that
> > > I guess zoneedit is selling wholesale to their clients.
> > >
> > > Lee
> > >
> > >
> > >
> > > ------------------------------------------------------------
> > >
> > >      *From: *"Sam Gleske" <sam.mxracer@gmail.com>
> > >      *To: *"Philadelphia Linux User's Group Discussion
> > >      List" <plug@lists.phillylinux.org>
> > >      *Sent: *Wednesday, July 10, 2013 10:11:57 AM
> > >      *Subject: *Re: [PLUG] https Certificates Question
> > >      
> > >      On Wed, Jul 10, 2013 at 7:35 AM, Mail List
> > >      <maillist@nerdworld.org
> > >      
> > >      <mailto:maillist@nerdworld.org>> wrote:
> > >          I need to set up one of my apache web servers as a
> > >          secure server with
> > >          https protocol.
> > >          
> > >          I'm wondering about the costs and potential
> > >          pitfalls in doing so.
> > >          
> > >          A quick web search has found that commercial
> > >          certificates from the "big
> > >          guys" are around $250/year.  However, I see that
> > >          CAcert offers
> > >          certificates
> > >          for free.
> > >          
> > >          Can anyone point me to a good primer/reference for
> > >          this, or let me know
> > >          how you fared establishing a secure web server?
> > >      
> > >      Hi Casey,
> > >      Allow me to clarify what you intend.  Are you planning
> > >      on making your web server public for people not
> > >      affiliated with you or your company to use?  Or is
> > >      this web server planned for internal/personal use?
> > >      
> > >      If you're trying to run a shopping cart for people to
> > >      interact with your business and your customers are
> > >      random people on the internet then you should
> > >      definitely get a signed certificate from a well known
> > >      and accepted authority (there are a number of them).
> > >      If this is meant for your own internal use then I
> > >      suggest running your own personal certificate
> > >      authority and trusting your certificate authority
> > >      certificate in all the devices that need to connect to
> > >      your servers (phones, web browsers, etc).
> > >      
> > >      You can manage your own personal CA using the openssl
> > >      tools pretty easily.
> > >      
> > >      CA management from Linux,
> > >      http://www.g-loaded.eu/2005/11/10/be-your-own-ca/
> > >      
> > >      CA management from Windows,
> > >      http://sourceforge.net/projects/xca/
> > >      
> > >      You can have a trusted model with your own
> > >      "self-signed" certificates by running a certificate
> > >      authority.  This is not recommended if the public
> > >      needs to access your server because they won't have
> > >      your CA trusted.
> > >      
> > >      SAM
> > >      
> > >      ______________________________________________________________________
> > >      _____
> > >      Philadelphia Linux Users Group         --
> > >      
> > >       http://www.phillylinux.org
> > >      
> > >      Announcements -
> > >      http://lists.phillylinux.org/mailman/listinfo/plug-announce
> > >      General Discussion  --
> > >      http://lists.phillylinux.org/mailman/listinfo/plug
> > >
> > > Lee Marzke,  lee@marzke.net     http://marzke.net/lee/
> > > IT Consultant, VMware, VCenter, SAN storage,
> > > infrastructure, SW CM
> > > +1 800-393-5217  office        +1 484-348-2230        fax
> > > +1 610-564-4932  cell           sip://8003935217@4aero.com
> > > VOIP
> > >
> > >
> > >
> > >
> > > __________________________________________________________________________
> > > _
> > > Philadelphia Linux Users Group         --
> > > http://www.phillylinux.org
> > > Announcements -
> > > http://lists.phillylinux.org/mailman/listinfo/plug-announce
> > > General Discussion  --
> > > http://lists.phillylinux.org/mailman/listinfo/plug
> > ___________________________________________________________________________
> > Philadelphia Linux Users Group         --        http://www.phillylinux.org
> > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> > General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug