Regarding SSL Certificates
-
An upcoming project requires SSL on our webserver, so I have been checking on certificates from different sources. We already use Thawte for code signing and it would be nice to manage all the certificates together plus I would think that the screening/verification process could be skipped when adding a service. Anyway, so I go check at Thawte first...looks like the one I need is $149/yr. Checking around, I found ssls.com[^] and notice that the same certificate there is only $29/yr. :wtf: Is there anything I should be aware of when going through a reseller?..I mean, that's quite a difference. Anybody used them? (ssls.com) Does CP sell ssl certs? I thought they did, but searching the site turns up nothing today.
"Go forth into the source" - Neal Morse
There is a reason not to use your self-generated SSL?
I'm not questioning your powers of observation; I'm merely remarking upon the paradox of asking a masked man who he is. (V)
-
An upcoming project requires SSL on our webserver, so I have been checking on certificates from different sources. We already use Thawte for code signing and it would be nice to manage all the certificates together plus I would think that the screening/verification process could be skipped when adding a service. Anyway, so I go check at Thawte first...looks like the one I need is $149/yr. Checking around, I found ssls.com[^] and notice that the same certificate there is only $29/yr. :wtf: Is there anything I should be aware of when going through a reseller?..I mean, that's quite a difference. Anybody used them? (ssls.com) Does CP sell ssl certs? I thought they did, but searching the site turns up nothing today.
"Go forth into the source" - Neal Morse
Do you need the certificate just for your own needs and to get the technology working? Use a self signed certificate. If the purpose that your customers should be protected from man in the middle attacks, use a reputable certificate that actually check who you are.
Wrong is evil and must be defeated. - Jeff Ello[^]
-
I got a free cert from startssl. Can't beat free.
-
There is a reason not to use your self-generated SSL?
I'm not questioning your powers of observation; I'm merely remarking upon the paradox of asking a masked man who he is. (V)
As long as you don't need anyone to trust your certificate, e.g. if you hold both ends of all communication where the certificate will be used, and there is no way whatsoever that anyone can inject traffic on that communication line, masquerading himself with another self-signed certificate pretending to be you, then self-signing is perfectly safe. But then you probably have limited need of SSL at all.
-
As long as you don't need anyone to trust your certificate, e.g. if you hold both ends of all communication where the certificate will be used, and there is no way whatsoever that anyone can inject traffic on that communication line, masquerading himself with another self-signed certificate pretending to be you, then self-signing is perfectly safe. But then you probably have limited need of SSL at all.
SSL have two purposes: 1. Add a level of cryptography to the communication between client and server. For that a self signed certificate more than enough.. 2. Prove to client (and sometimes the other way around) that the server is who he claims to be. For that you have to choose a 3rd party - trusted by the client - and get certificate from him...
I'm not questioning your powers of observation; I'm merely remarking upon the paradox of asking a masked man who he is. (V)
-
Do you need the certificate just for your own needs and to get the technology working? Use a self signed certificate. If the purpose that your customers should be protected from man in the middle attacks, use a reputable certificate that actually check who you are.
Wrong is evil and must be defeated. - Jeff Ello[^]
Could someone list of couple of places for ones that are reputable? I was looking at Namecheap.com the other day, still trying to figure out one for a decent price, but that I wouldn't have any complications with at the same time.
-
An upcoming project requires SSL on our webserver, so I have been checking on certificates from different sources. We already use Thawte for code signing and it would be nice to manage all the certificates together plus I would think that the screening/verification process could be skipped when adding a service. Anyway, so I go check at Thawte first...looks like the one I need is $149/yr. Checking around, I found ssls.com[^] and notice that the same certificate there is only $29/yr. :wtf: Is there anything I should be aware of when going through a reseller?..I mean, that's quite a difference. Anybody used them? (ssls.com) Does CP sell ssl certs? I thought they did, but searching the site turns up nothing today.
"Go forth into the source" - Neal Morse
If you use Windows tools, and want an easy life, don't get one that is 'extra validation' from Entrust.... few of the GUI tools support it, leaving you at the command line... while not 'hard', it's not simple or nice!
-
An upcoming project requires SSL on our webserver, so I have been checking on certificates from different sources. We already use Thawte for code signing and it would be nice to manage all the certificates together plus I would think that the screening/verification process could be skipped when adding a service. Anyway, so I go check at Thawte first...looks like the one I need is $149/yr. Checking around, I found ssls.com[^] and notice that the same certificate there is only $29/yr. :wtf: Is there anything I should be aware of when going through a reseller?..I mean, that's quite a difference. Anybody used them? (ssls.com) Does CP sell ssl certs? I thought they did, but searching the site turns up nothing today.
"Go forth into the source" - Neal Morse
-
An upcoming project requires SSL on our webserver, so I have been checking on certificates from different sources. We already use Thawte for code signing and it would be nice to manage all the certificates together plus I would think that the screening/verification process could be skipped when adding a service. Anyway, so I go check at Thawte first...looks like the one I need is $149/yr. Checking around, I found ssls.com[^] and notice that the same certificate there is only $29/yr. :wtf: Is there anything I should be aware of when going through a reseller?..I mean, that's quite a difference. Anybody used them? (ssls.com) Does CP sell ssl certs? I thought they did, but searching the site turns up nothing today.
"Go forth into the source" - Neal Morse
-
Free is rarely worth the price. Generally better to pay for quality.
You'll never get very far if all you do is follow instructions.
PIEBALDconsult wrote:
Free is rarely worth the price.
True, that. Do you know if the free ones even use encryption to transfer data? Considering the messages I've seen on some HTTPS sites, some people don't even know how to use the encryption certificate to encrypt the page. (I admit it, I don't know how to do that, because I haven't worked with SSIS licensing services.)
-
PIEBALDconsult wrote:
Free is rarely worth the price.
True, that. Do you know if the free ones even use encryption to transfer data? Considering the messages I've seen on some HTTPS sites, some people don't even know how to use the encryption certificate to encrypt the page. (I admit it, I don't know how to do that, because I haven't worked with SSIS licensing services.)
I have no idea. I don't touch the stuff.
You'll never get very far if all you do is follow instructions.
