LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise
User Name
Password
Linux - Enterprise This forum is for all items relating to using Linux in the Enterprise.

Notices

Reply
 
Search this Thread
Old 11-13-2012, 03:36 PM   #1
RandomTroll
Member
 
Registered: Mar 2010
Distribution: Slackware
Posts: 290

Rep: Reputation: 27
Can someone recommend a free ssl certificate?


Our non-profit organization used to pay for an SSL certificate principally for the portion of the website that sold stuff. Then we switched to a third-party to handle that portion of the business; it uses its own certificate. But we still have some stuff we want to use SSL for: private fora, membership info... But we don't want to pay for a certificate because there's no risk of monetary loss. We don't want to use our own certificate. Can someone recommend a free certificate? I see a few issuers around.
 
Old 11-13-2012, 04:06 PM   #2
NyteOwl
Member
 
Registered: Aug 2008
Location: Nova Scotia, Canada
Distribution: Slackware, OpenBSD, others periodically
Posts: 512

Rep: Reputation: 139Reputation: 139
Well other than a self-signed (which is probably the easiest/cheapest way you might consider the following. I have used all three and all have worked fine.

http://www.cacert.org/
http://www.startssl.com/
http://www.comodo.com/e-commerce/ssl...ertificate.php

Note that the Comodo cert is only good for 90 days.
 
Old 11-14-2012, 07:48 PM   #3
RandomTroll
Member
 
Registered: Mar 2010
Distribution: Slackware
Posts: 290

Original Poster
Rep: Reputation: 27
Hmmmm.... when I went to cacert.org Firefox told me that its SSL certificate is insecure...
 
Old 11-16-2012, 06:40 PM   #4
NyteOwl
Member
 
Registered: Aug 2008
Location: Nova Scotia, Canada
Distribution: Slackware, OpenBSD, others periodically
Posts: 512

Rep: Reputation: 139Reputation: 139
I don't get any such messages, but I sue Perspectives plug-in. The reason you may be seeing it on their https connection is that CaCert may or may not be in the root certificate list for the browser. Last I recall CaCert was in the process of being included in the default list. Their certs are valid though, and do work. They have been around for quite a while.
 
Old 11-16-2012, 08:58 PM   #5
jefro
Guru
 
Registered: Mar 2008
Posts: 12,070

Rep: Reputation: 1518Reputation: 1518Reputation: 1518Reputation: 1518Reputation: 1518Reputation: 1518Reputation: 1518Reputation: 1518Reputation: 1518Reputation: 1518Reputation: 1518
It can be termed not secure for a few reasons. If you created a self signed certificate and sent it out to all your clients (hopefully in the mail or hand deliver) and they installed it. The cert would not be able to be verified up to some origin unless you further set up a way to authenticate it.

If you installed the self signed certificate then you would be able to tell from the report. Once it has passed the certificate question it shouldn't ask again.
 
Old 11-17-2012, 01:54 PM   #6
RandomTroll
Member
 
Registered: Mar 2010
Distribution: Slackware
Posts: 290

Original Poster
Rep: Reputation: 27
I don't need the certificate. Users of our website need the certificate. We want them not to have to see the warning, inspect the certificate themselves, decide that it's legitimate, add it to their browsers' lists of legitimate certificates.
 
Old 11-17-2012, 02:03 PM   #7
NyteOwl
Member
 
Registered: Aug 2008
Location: Nova Scotia, Canada
Distribution: Slackware, OpenBSD, others periodically
Posts: 512

Rep: Reputation: 139Reputation: 139
As far as I know the only Certificate authority preinstalled in mainstream browsers that offers completely free SSL certs is StartCom (startssl.com). CaCert are last I checked "in process " for inclusion with FireFox (You can check which authorities are built in).

Unless a certificate authority validation certs are already installed in the browser, a user will have to decide whether to accept the cert or not manually, or rely on a plug-in such as Perspectives to override the browser cautionary message.


There would be significantly elss ecurity in secure certificates if the browser just accepted them all automatically.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to import/use CAcert SSL root certificate to use SSL with Xchat IRC client? GrapefruiTgirl Linux - Software 9 04-05-2011 10:54 AM
Apache with SSL does not load the 2nd SSL certificate janstapel Linux - Newbie 1 06-17-2010 10:32 PM
ssl certificate nagavinodh Linux - Newbie 1 11-05-2009 08:43 AM
Free SSL Certificate??? bobb_roof Linux - Enterprise 1 10-23-2006 02:14 AM
Free SSL Certificate mrpc_cambodia Linux - Security 7 03-04-2005 05:56 PM


All times are GMT -5. The time now is 06:58 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration