+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 29 of 29
Windows Thread, Creating SSL certificates. in Technical; You need to buy a real certificate....
  1. #16

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Creating SSL certificates.

    You need to buy a real certificate.

  2. #17
    eejit's Avatar
    Join Date
    Jun 2005
    Location
    Ireland
    Posts
    606
    Thank Post
    52
    Thanked 12 Times in 12 Posts
    Rep Power
    22

    Re: Creating SSL certificates.

    Cheers Geoff. Are there a few places that you can get those and are they really expensive?

  3. #18

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Creating SSL certificates.

    Verisign, Thwaite or GoDaddy. The price depends on what you want. It varies depending on how many hosts you want, the insurance level and the encryption level.

    eg, have a look at GoDaddy.

    https://www.godaddy.com/gdshop/ssl/ssl.asp?ci=418

    They vary from $20 to $500 a year depending on your requirements.

  4. #19
    eejit's Avatar
    Join Date
    Jun 2005
    Location
    Ireland
    Posts
    606
    Thank Post
    52
    Thanked 12 Times in 12 Posts
    Rep Power
    22

    Re: Creating SSL certificates.

    Cheers Geoff.
    Are any/some/most schools doing this already - or are you just putting up with the warning?

  5. #20
    krb548's Avatar
    Join Date
    Jun 2005
    Location
    Preston, Lancashire
    Posts
    43
    Thank Post
    2
    Thanked 3 Times in 3 Posts
    Rep Power
    19

    Re: Creating SSL certificates.

    Try this link. It is suppossed to be free.
    Let me know how you get on as it appears I also need one but have not had the time to try this yet.
    Start Com Free SSL Certificates

  6. #21

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Creating SSL certificates.

    We have a full blown PKI infrastructure here, so we can deploy our own CA + Client certs to our machines internally. Thus they trust the server certs implicitly.

    Our external web access to internally run sites (eg, our VLE running Moodle) is done through a reverse proxy. The SSL cert the clients out on the internet see is from this proxy rather than from our internal web server. So it's not my problem.

    Sadly CLEO haven't bothered to use a real wildcard cert from *.lancs.sch.uk though so the warning will currently popup.

    You can see this for yourself, browse to our VLE.

    https://vle.carrhill.lancs.sch.uk

  7. #22
    eejit's Avatar
    Join Date
    Jun 2005
    Location
    Ireland
    Posts
    606
    Thank Post
    52
    Thanked 12 Times in 12 Posts
    Rep Power
    22

    Re: Creating SSL certificates.

    Quote Originally Posted by krb548
    Try this link. It is suppossed to be free.
    Let me know how you get on as it appears I also need one but have not had the time to try this yet.
    Start Com Free SSL Certificates
    Yeah, I saw that on the other page and hoped that someone else had tried it first too

  8. #23
    eejit's Avatar
    Join Date
    Jun 2005
    Location
    Ireland
    Posts
    606
    Thank Post
    52
    Thanked 12 Times in 12 Posts
    Rep Power
    22

    Re: Creating SSL certificates.

    Wow, great looking site Geoff.

  9. #24

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115

    Re: Creating SSL certificates.

    I think if you've got a domain and this is only for staff, then make/use your own CA and get them to your CA cert at home- could have other uses down the line and [don't groan] it's yet another opportunity to try and educate your users about this stuff.

    Can also be done on windows with openssl
    I used to routinely build win32 openssl for making a CA and certs for Windows back in the 20th century when the US crackable-crypto export regulations were still a bit serious.

    [Those regs banned export of strong data encryption but did allow for strong *authentication*. Early non-US Cert Server wouldn't let you have decent key lengths but if you made say a 2048 bit cert via openssl, IIS would happily use it... which was a good thing even though the subsequent SSL data encryption was weak]

  10. #25

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,154
    Thank Post
    114
    Thanked 527 Times in 450 Posts
    Blog Entries
    2
    Rep Power
    123

    Re: Creating SSL certificates.

    We use ipsCA (http://certs.ipsca.com/) who give free SSL certs for education (web site talks about .edu domain; we had no problems getting for a .ac.uk domain and I'd guess they'd be happy with anyone who is demonstrably education).

  11. #26

    TechMonkey's Avatar
    Join Date
    Dec 2005
    Location
    South East
    Posts
    3,286
    Thank Post
    225
    Thanked 405 Times in 302 Posts
    Rep Power
    162

    Re: Creating SSL certificates.

    Sorry for the bump but could I have some feedback on how using the free SSL certs have gone. We are getting tired of certificate errors for our external services (space access and webmail). We have looked at the StartCom and ipSCA offerings but are slightly wary of being authenticated by random companies.

    So any opinions?

  12. #27

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,568 Times in 1,250 Posts
    Rep Power
    340

    Re: Creating SSL certificates.

    I've used Comodo in the past and they provide instructions how to import the certificate using all kinds of software. In my case I used IIS6.

    I'd recommend option 3 as this will do everything you want from it. For £100 it'll last 3 years.

    The more expensive certificates allow them to function with IE7 and FF 2.x. A good example of this is PayPal, where the address bar goes green. Very expensive for what it is, but the warranty value is incredibly high.

    Eventually it'll become the standard until someone develops another "security idea" and sells it for a premium.

  13. #28

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115

    Re: Creating SSL certificates.

    So any opinions?
    Unsuprisingly yes.. buying certificates when someone's willing to give them to you, or at least Education, for free is silly. Pragmatically no one is going to care where it came from provided their browser trusts the CA. The new (rip-off?) EV stuff is irrelevant unless you're a business taking credit card details off visitors etc.

    If all you want is to stop scary pop-ups in IE & Firefox for staff then an ipsCA freebie should be fine.

    [And if you're bothered about the security angle you probably ought to be giving your users client certificates in order to access your site, but that's another argument and a lot of work]

  14. #29
    mrcrazy04's Avatar
    Join Date
    Nov 2006
    Location
    Bedfordshire/Cheltenham, UK
    Posts
    258
    Thank Post
    2
    Thanked 11 Times in 11 Posts
    Rep Power
    17

    Re: Creating SSL certificates.

    Regarding startcom SSL certificates - the CA is trusted in all browsers apart from IE at the moment.
    I've used them before, and it's simply a case of filling out the form, then pasting in the output from the IIS certification wizard, and receiving email at an administrative email address for your domain with an authentication link to get the certificate.

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. Free SSL Certificates for JANET connected schools
    By Dos_Box in forum Wireless Networks
    Replies: 25
    Last Post: 29th April 2013, 03:26 PM
  2. ssl certificates
    By PEO in forum General Chat
    Replies: 4
    Last Post: 4th January 2008, 09:14 PM
  3. Apache Certificates conversion & config
    By KWIK in forum How do you do....it?
    Replies: 0
    Last Post: 2nd November 2007, 05:04 PM
  4. Purchasing SSL Certificates
    By Dos_Box in forum Wireless Networks
    Replies: 3
    Last Post: 3rd January 2007, 03:33 PM
  5. Creating MSI's
    By adamyoung in forum Wireless Networks
    Replies: 9
    Last Post: 29th November 2005, 12:59 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •