Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cheap SSL Certificates for Small Websites?

Posted by Cliff on from the why-can't-we-be-our-own-certificate-authority dept.

zaqattack911 asks: "In the workplace today it is becoming more and more common for everyday applications to be accessible over the web. Just about all the booking and tracking systems at my job are handled via web-apps these days. Along with this trend, is the increased need for secure transactions over the web. Just about all of the apps on my webserver are going to be SSL only. Some of them are for internal use only, some for the outside internet to use. Is there a cheap alternative to getting your certificates signed? Self signing my certificates works of course, but just about all browsers make a big fuss about it. Verisign asks for about 400$ initially, and 300$ to renew a certificate every year. This seems like a scam to me, and I'd love to know if anyone knows of alternatives out there? Is there a way to get around the certificate signing business? I looked at a company called RSA Security which allows a company to 'self sign' and use their accepted signature. The website doesn't mention the price, and I'm sure it's not very affordable. What else is there?"

3 of 436 comments (clear)

  1. Re:Might want to check....... by nsushkin · · Score: 0, Redundant
    For your convenince, the links are
  2. Re:It's not as much of a scam as you think. by taustin · · Score: 0, Redundant

    The most commonly understood thing you are getting is the encryption thats automatically accepted by just about any modern browser. However, the reason it's automatically accepted is because VeriSign is suppose to verify the identity of the business. This is why they require a Duns and Bradstreet # (It's a business credit identifier).

    I have a certificate from Verisign. They do require a D&B number. They use it to verify that the company you claim to be exists, at the address you claim. They have not, in three years, ever once verified that I am who I claim to be in any way.

    They are a "certificate authority." So far as I can tell, from my own personal experience, the only thing they certify is that your check cleared, and the only thing they are an authority on is cashing checks.

  3. Re:Free root cert project by V.+Mole · · Score: 1, Redundant

    Good. You can also bug him about not having a useful webmaster address, or other contact information on the site. E-mail to both webmaster@www.cacert.com and webmaster@cacert.com bounced:

    webmaster@cacert.com: host mail.mediadome.net.au[210.8.208.1] said: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)