LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 08-24-2010, 11:29 PM   #1
Madone_SL_5.5
Member
 
Registered: Oct 2006
Location: Ogden, Utah
Distribution: Fedora 10
Posts: 66

Rep: Reputation: 15
Need alternative to SSL certificates.


I run a web server on Fedora 12, principally using Apache, MySQL, and PHP. I host a variety of sites, one of which is a family website that contains semi-sensitive personal data for several hundred extended family members, who all have access to the database-driven site.

Until now, I have been using a self-signed SSL certificate to encrypt the data as it is read and written back and forth from my database. Family members have simply had to put up with clicking past certificate warnings as they enter the site, as most browsers flag self-signed certificates as bad. It hasn't really been that much of a bother, but I'd love to do it more professionally. I have looked into buying SSL certificates, but it's a site I host for free and would rather find a cheap or free alternative if possible.

So I'm just fishing for ideas to work with. What are some alternatives to using SSL certificates for moderately strong website encryption? So far, I run only one host on the domain, but may eventually need encryption that would support multiple hosts. Or does anybody know a way to make self-signed certificates work on most popular browsers without being flagged as suspicious?
 
Old 08-25-2010, 06:13 AM   #2
smoker
Senior Member
 
Registered: Oct 2004
Distribution: Fedora Core 4, 12, 13, 14, 15, 17
Posts: 2,279

Rep: Reputation: 250Reputation: 250Reputation: 250
If the users accept the self signed cert permanently, there should be no warnings next time they visit. Not until the cert expires anyway.
 
Old 08-25-2010, 08:56 AM   #3
Blue_Ice
Member
 
Registered: Jul 2006
Location: Belgium
Distribution: Debian, Fedora, CentOS, Windows
Posts: 361

Rep: Reputation: Disabled
I believe CACert provides free SSL certificates that are well accepted in general and are free of charge...
 
Old 08-25-2010, 11:49 AM   #4
smoker
Senior Member
 
Registered: Oct 2004
Distribution: Fedora Core 4, 12, 13, 14, 15, 17
Posts: 2,279

Rep: Reputation: 250Reputation: 250Reputation: 250
Quote:
Originally Posted by Blue_Ice View Post
I believe CACert provides free SSL certificates that are well accepted in general and are free of charge...
Have you been to one of their SSL secured pages ?

Doesn't bode well ...
 
Old 08-25-2010, 01:40 PM   #5
Blue_Ice
Member
 
Registered: Jul 2006
Location: Belgium
Distribution: Debian, Fedora, CentOS, Windows
Posts: 361

Rep: Reputation: Disabled
Quote:
Originally Posted by smoker View Post
Have you been to one of their SSL secured pages ?

Doesn't bode well ...
No, not recently... It has been a couple of years ago that I used certificates from CACert. I just remembered this service.
 
Old 08-25-2010, 02:00 PM   #6
smoker
Senior Member
 
Registered: Oct 2004
Distribution: Fedora Core 4, 12, 13, 14, 15, 17
Posts: 2,279

Rep: Reputation: 250Reputation: 250Reputation: 250
Quote:
Originally Posted by Blue_Ice View Post
No, not recently... It has been a couple of years ago that I used certificates from CACert. I just remembered this service.
I actually meant on their own site.
 
Old 08-25-2010, 02:37 PM   #7
Blue_Ice
Member
 
Registered: Jul 2006
Location: Belgium
Distribution: Debian, Fedora, CentOS, Windows
Posts: 361

Rep: Reputation: Disabled
Quote:
Originally Posted by smoker View Post
I actually meant on their own site.
I had no problems with their site when I visited it earlier today... I have to say that I was using M$ IE8.
Just checked it and Google Chrome has a problem with indeed!
 
Old 08-26-2010, 12:31 AM   #8
Madone_SL_5.5
Member
 
Registered: Oct 2006
Location: Ogden, Utah
Distribution: Fedora 10
Posts: 66

Original Poster
Rep: Reputation: 15
Thanks guys. That is funny that CACert has certificate issues themselves.

Part of my motive behind this question is that a really savvy acquaintance of mine recently pointed out that I was needlessly using SSL for encryption when another solution would work. At the time I brushed it off, and now that I am interested I cannot remember what it was in order to try it out. I no longer have contact with him, otherwise I'd just ask him more about it.

It was some clever method of exchanging private keys without using an SSL certificate. I thought somebody on this forum is bound to know of something similar to what he was telling me.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Can SSL Certificates be the same sleepyz Linux - Server 6 02-19-2010 10:52 AM
SSL Certificates irvinew31 SUSE / openSUSE 2 10-03-2006 10:27 AM
SSL Certificates SBN Linux - Security 1 09-30-2006 03:29 AM
ssl certificates champ Linux - Security 2 04-05-2003 09:47 AM
ssl certificates Syncrm Linux - General 7 02-26-2003 10:01 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 03:02 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration