[lug] Cheap SSL Certificate pointers from Slashdot
Neal McBurnett
neal at bcn.boulder.co.us
Fri Oct 4 13:25:45 MDT 2002
Slashdot just did a story on Cheap SSL Certs. Lots of ranting as
usual, but I pulled out some of the more interesting things.
Cheers,
Neal McBurnett http://bcn.boulder.co.us/~neal/
GPG/PGP signed and/or sealed mail encouraged. Keyid: 2C9EBA60
http://ask.slashdot.org/article.pl?sid=02/10/02/000241
Java applets: Sun only [trusts?] Verisign or Thawte root certificates
Free client certs: http://www.cacert.com
"So far only the client certificates are useable, I'm still working
through doing policies for server certificates to keep ongoing costs
to a minimum, if any cost at all, yet still prove identities of
those requesting them, [that they] have a right to the certificate..."
You might need a certificate signed by a well known CA for your
connections from the internet, but for all your backend server you
can create your own CA: http://tinyca.sm-zone.net/
You can purchase a ridiculously cheap ($50) 128bit SSL cert, trusted
by browsers from http://www.geotrust.com
InstantSSL. $49/year
Almost instant (like 10 minute) issuance.
Trusted by 99% or so of in-use browsers (IE>=5.0, Netscape>=4.x,
AOL>=5, Opera>=5).
quickssl $49 - http://www.rackshack.net/quickssldetails.asp
Rackshack is not the CA, but just a reseller of the certs. They have
such a high volume, they get a discount. The certs they sell are
actually signed by Equifax, and are distributed by GeoTrust.
DirectNIC.com does SSL certs for $118/yr
'Wildcard' certificates cost an absurd amount of money, usually $500 or more.
More information about the LUG
mailing list