LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Enterprise (https://www.linuxquestions.org/questions/linux-enterprise-47/)
-   -   Can someone recommend a free ssl certificate? (https://www.linuxquestions.org/questions/linux-enterprise-47/can-someone-recommend-a-free-ssl-certificate-4175436984/)

RandomTroll 11-13-2012 02:36 PM
Can someone recommend a free ssl certificate?
 
Our non-profit organization used to pay for an SSL certificate principally for the portion of the website that sold stuff. Then we switched to a third-party to handle that portion of the business; it uses its own certificate. But we still have some stuff we want to use SSL for: private fora, membership info... But we don't want to pay for a certificate because there's no risk of monetary loss. We don't want to use our own certificate. Can someone recommend a free certificate? I see a few issuers around.

NyteOwl 11-13-2012 03:06 PM
Well other than a self-signed (which is probably the easiest/cheapest way you might consider the following. I have used all three and all have worked fine.

http://www.cacert.org/
http://www.startssl.com/
http://www.comodo.com/e-commerce/ssl...ertificate.php

Note that the Comodo cert is only good for 90 days.

RandomTroll 11-14-2012 06:48 PM
Hmmmm.... when I went to cacert.org Firefox told me that its SSL certificate is insecure...

NyteOwl 11-16-2012 05:40 PM
I don't get any such messages, but I sue Perspectives plug-in. The reason you may be seeing it on their https connection is that CaCert may or may not be in the root certificate list for the browser. Last I recall CaCert was in the process of being included in the default list. Their certs are valid though, and do work. They have been around for quite a while.

jefro 11-16-2012 07:58 PM
It can be termed not secure for a few reasons. If you created a self signed certificate and sent it out to all your clients (hopefully in the mail or hand deliver) and they installed it. The cert would not be able to be verified up to some origin unless you further set up a way to authenticate it.

If you installed the self signed certificate then you would be able to tell from the report. Once it has passed the certificate question it shouldn't ask again.

RandomTroll 11-17-2012 12:54 PM
I don't need the certificate. Users of our website need the certificate. We want them not to have to see the warning, inspect the certificate themselves, decide that it's legitimate, add it to their browsers' lists of legitimate certificates.

NyteOwl 11-17-2012 01:03 PM
As far as I know the only Certificate authority preinstalled in mainstream browsers that offers completely free SSL certs is StartCom (startssl.com). CaCert are last I checked "in process " for inclusion with FireFox (You can check which authorities are built in).

Unless a certificate authority validation certs are already installed in the browser, a user will have to decide whether to accept the cert or not manually, or rely on a plug-in such as Perspectives to override the browser cautionary message.


There would be significantly elss ecurity in secure certificates if the browser just accepted them all automatically.


All times are GMT -5. The time now is 10:52 PM.