Need Recommendation for 1 Year SSL from a good FOSS Company
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Need Recommendation for 1 Year SSL from a good FOSS Company
I'm helping a friend who hosts web sites on GoDaddy.
GoDaddy has Snubbed LetsEncrypts ACME 60 Day auto-renewal security system (because its free?)
With only Cpanel the next step is find a 1 year SSL certificate company to purchase from.
Ive purchased from Comodo in the past, but i want to find a moral and ethical company that represents the FOSS ideals. Any ideas?
^ Aren't they saying that they don't want to use LetsEncrypt?
I'm a little confused.
Also I don't understand "Snubbed", or "With only Cpanel the next step".
By my reading, mh4it is saying:
1) they don't want Comodo certificates (aka Sectigo), due to unethical behaviour of that company
2) GoDaddy doesn't allow Let's Encrypt and/or ACME
I don't understand the "With only Cpanel..." bit either. Perhaps referencing that cPanel's default SSL provider is Sectigo/Comodo.
(It can be overridden to other providers, including Let's Encrypt, but I don't know if there's a specific API/whitelist of compatible providers.)
Snubbed is pretending someone doesn't exist - i.e. what GoDaddy is doing with regards Let's Encrypt.
Thank you for addressing my question!
My friend is not tech savy and they are stuck with GoDaddy for at least 1 year. GoDaddy Cpanel is the only admin choice at the moment. The self signed certs arent any good, most of this is frustration
1.) GoDaddy charges alot for SSL but blocks ACME
2.) I use DevuanOS and always defer to FOSS solutions whenever possible but my internet search for a SSL provider came up with very little!!!
1.) GoDaddy charges alot for SSL but blocks ACME
2.) I use DevuanOS and always defer to FOSS solutions whenever possible but my internet search for a SSL provider came up with very little!!!
I'm not really sure what ACME means, but if GoDaddy are blocking some cert providers, you have to find one that is accepted by them, says Cpt. Obvious.
AFAICS SSL cert providers are not "open source" in any way. They're all ultimately commercial entities (yes, letsencrypt too) and they don't provide source code, so it's not open source anyhow.
Personally, and because I live in Europe, I prefer a European solution, but I'm sure that's of no use to you.
I feel you though, I wish there was more projects like letsencrypt, which is unsuitable for me for various reasons.
ACME is Automated Certificate Management Environment, also RFC 8555 - i.e. the protocol designed by Let's Encrypt and implemented in Certbot (+others) which actually manages the certificates, but - being a protocol - it's not limited to Let's Encrypt; other CAs can and do use it.
Quote:
They're all ultimately commercial entities (yes, letsencrypt too) and they don't provide source code, so it's not open source anyhow.
Let's Encrypt is ISRG, a 501(c)(3) non-profit - founded by Akamai, Cisco, EFF, Mozilla and the University of Michigan - though it does have board members and technical advisors from others companies now (including Amazon, Facebook, Google): https://www.abetterinternet.org/about/
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.