LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   What kind of SSL certificate do I need (http://www.linuxquestions.org/questions/linux-server-73/what-kind-of-ssl-certificate-do-i-need-843184/)

crazy_bytes 11-09-2010 05:02 AM

What kind of SSL certificate do I need
 
Hi everybody,

I have a CentOS server, which hosts a qmail server, an apache web
server, a mysql database and other services. I want to secure the
connection to my qmail server, some areas of my apache web server and
public sql connections with ssl encryption.

I googled around and tried to get some clue on ssl certificates. So
what kind of ssl certificate do I need?

I think I need a single root or wildcard certificate so I can secure my
subdomains as well (e.g www.mysite.com and mail.mysite.com).
Are ssl certificates port dependend or are they just domain dependend?

Does anyone know a good CA that issues ssl certificates I need for
about 50 / $ per year?

I know that I can issue a cert on my own, but that will always be
prompted for admittance, so I want a cert that is issued by a known CA,
which is accepted by most browsers and mail clients.

Best regards,
CB

Noway2 11-09-2010 12:12 PM

Try Startcom, if you would like a free certificate that your browser will recognize. The price on certificates is all over the map and perhaps someone will have some other suggestions. This will work for web pages at least, and theoretically for mail servers. For my mail server (Postfix), I used a self signed certificate and haven't had any issues.

crazy_bytes 11-10-2010 05:13 AM

Thanks for you reply.

I tried self signed certs, but the tested browsers (Internet Explorer, Firefox, Opera) and mail clients (Outlook, Thunderbird, Eudora) all nagged that the certificate could not be authenticated by known CAs and requested to install the certs myself.

I want to avoid this messages by using a cert issued by one of the known CAs (VeriSign, Thawte, etc.). I don't mind spending some money on ssl certificates, but since it is for private use I don't want to pay more than 50$ p.a.

Best regards,
CB


All times are GMT -5. The time now is 05:49 PM.