1 |
Antoine wrote: |
2 |
> Hi, |
3 |
> We are going to set up ssl on a webserver at work and I guess that means |
4 |
> we need a certificate... does anyone have any useful alternatives to |
5 |
> Verisign? Are they really worth the name? |
6 |
> We are not going to be doing any monetary transactions but our clients |
7 |
> are very security conscious (who isn't!) and I have no experience in |
8 |
> these matters. I am certain the boss will want verisign, as he buys a |
9 |
> lot of stuff just for the name but if I can offer him a comparable |
10 |
> alternative at a fraction of the cost he may go for it. |
11 |
|
12 |
We've got a number of customers that use Geotrust which is |
13 |
significantly cheaper than Verisign/Thwate. Someone also uses Starfield |
14 |
which is dirt cheap. |
15 |
|
16 |
There is a technical issue when using certs no one has ever heard of |
17 |
before. Many times their cert company's root certs or whatever are not |
18 |
in the user's browser. In order to fix this you'll need install the cert |
19 |
company's intermediate cert or chain cert on your server so that the |
20 |
broswer can chain your new cert to a cert it already trusts. |
21 |
|
22 |
SSLCACertificateFile conf/ssl.crt/starfield-chain.crt |
23 |
|
24 |
kashani |
25 |
-- |
26 |
gentoo-user@g.o mailing list |