| 1 |
Antoine wrote: |
| 2 |
> Hi, |
| 3 |
> We are going to set up ssl on a webserver at work and I guess that means |
| 4 |
> we need a certificate... does anyone have any useful alternatives to |
| 5 |
> Verisign? Are they really worth the name? |
| 6 |
> We are not going to be doing any monetary transactions but our clients |
| 7 |
> are very security conscious (who isn't!) and I have no experience in |
| 8 |
> these matters. I am certain the boss will want verisign, as he buys a |
| 9 |
> lot of stuff just for the name but if I can offer him a comparable |
| 10 |
> alternative at a fraction of the cost he may go for it. |
| 11 |
|
| 12 |
We've got a number of customers that use Geotrust which is |
| 13 |
significantly cheaper than Verisign/Thwate. Someone also uses Starfield |
| 14 |
which is dirt cheap. |
| 15 |
|
| 16 |
There is a technical issue when using certs no one has ever heard of |
| 17 |
before. Many times their cert company's root certs or whatever are not |
| 18 |
in the user's browser. In order to fix this you'll need install the cert |
| 19 |
company's intermediate cert or chain cert on your server so that the |
| 20 |
broswer can chain your new cert to a cert it already trusts. |
| 21 |
|
| 22 |
SSLCACertificateFile conf/ssl.crt/starfield-chain.crt |
| 23 |
|
| 24 |
kashani |
| 25 |
-- |
| 26 |
gentoo-user@g.o mailing list |
Archives