New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Cheap Wildcard SSL Certificate
This discussion has been closed.
Comments
You are right, of course. Sorry for the misinformation.
They are using Startcom root so it's accepted by many browsers.
You can register one for free and test it. ;-)
Oh, alright then. Giving them a try now for 7 domains. Already verified them, let's see
Edit: "Certificate request is submitted successfully."
Edit 2: Wow, awesome!! Really working and they were much faster with issuing than estimated (which had been next monday)! I think I'll grab one more for some more subdomains. Very recommended and thanks a lot, @pr0be!
Edit 3: Just looks kinda meh if it says "WoSign CA Free SSL Certificate G2" but how many people check what's the CA of the ssl of a website and hey, it's free
It's not 100% the same since there are much more work to do than create a CSR for *.domain.com. Good thing is that it will support a.domain.com, b.help.com and c.billing.com in one cert.
Anyone know if it's possible in the future to add more domains/subdomains to the same cert?
Certs, once issued, are obviously non-editable. You just request a new one from them with a different (expanded) set of domains. As a bonus that way you also shift the expiration date some months into the future.
Ya, that's what I thought. But if I get a new cert, can it be part of a tld that's been issued? Like I have a.domain.com in the first cert then 2 months later I need b.domain.com, would that work with their system?
Sure, they don't check if they already issued you certs with some of the domains you add to a new one.
Another way of doing this, is e.g. if you added 50 domains, now want to have 51, but also want to avoid re-verifying them all, is to just get a cert for that 1 extra domain, and then use SNI on your server to figure out whether to send the 50-domain cert or the 1-domain new one depending on which domain is requested. And keep getting new certs as you go, each for a small number of domains. Might get hard to keep track of all the expiration dates, though.
(inb4 yes SNI is well supported in all browsers and OSes that matter, there is no reason to avoid it).
HostMyBytes
That, my friend, is too much work for a couple of dollars a year. I would rather sleep 2 more hours than to save a couple of dollars and get cans of monster or red bull to keep me awake through the day.
Yeah, but up until recently the "couple of dollars" wildcard certs weren't as widely available.
And if you were going to do the recreate cert thing to add domains with WoSign, what I described is just a simpler way to achieve the same, at least if you had a considerable number of domains on it in the first place.
Do not spread misinformation. You're making people lose money.
I guess your target market does not include WinXP or Android (older devices) then? You can't just say "they should upgrade if they want to see my site" if I'm losing money for each visitor that can't see my site.
Everyone, there is still a big traffic share whose clients do NOT support SNI and thus SNI shall not yet be relied upon for production/money sites.
Unless you like losing money, of course.
The only problematic combination that is even remotely relevant today, is not just WinXP, it's Internet Explorer on WinXP. Yes, people can use SNI just fine on WinXP if they install Chrome/Firefox/etc.
As for IE, I just checked https://top.mail.ru/ global stats, Windows XP is 7.6% overall, IE is 5.8% overall (combined for all versions, including those which afaik will not install on WinXP). So how much is the SNI-problematic group, a simple estimate tells us 0.076*0.058 = 0.0044, less than a half percent at most.
Not to mention that if a person still uses old IE on old WinXP, something tells me they are not in the most profitable group around, no matter what you sell.
Wrong. However I'm not here to discuss demographics of business owners.
You have never run a business, right? 0,5% is relevant figure, moreover when most of those users are your target market.
So much for COMODO PositiveSSL certificates
Perhaps it's you who targets the wrong market?
Not a dig, genuine question.
Not willing to upgrade your computer does not mean not having money to do so. And 0.5% is not a value low enough to simply discard. That is what I meant - not that they're my target market.
That might be the traffic you want - how would you know if they can't even access your site?
If your "business" is so huge that losing even 0.5% of customers means a boat-load of money, then what the fuck are you doing in a thread about cheapest SSL certificates?
I locked out almost all Mac OS users by using a 8192 bit rsa key. Turns out Apple broke compatibility with a patch in 2006(!) and still has not fixed it. I don't know if Chrome relies on the same libraries, but it works with Firefox (brings its own I think).
I don't understand why they won't fix it? Is this some NSA plot to weaken cryptography or wat [/conspiracy]
edit: talking about safari
Yet again you've proven you know nothing about business.
Every extra client matters, moreover when each one can make you in upwards of $1k.
EDIT: If you're such a traffic management expert, who can predict and analyze trends and data properly, what are you doing here instead of making a killing on CPAs? This is getting ridiculous...
>
>
>
I'd guess that people who're willing to stay with XP are also more likely to stay with the vanilla IE as well. So an estimate would be, like, 25% of XP users are using vanilla IE, make it 1.9% overall.
According to Baidu Statistics1, IE 6.0 is 4.69% overall.
You seem to be more eager to prove that I don't know something, than that you know anything.
Just an impression your posts give off.
I'm afraid your psychological projection makes it the other way around. Kindly re-read the whole monologue I just had (your replies weren't actual criticism of mine) and try to stop being so incredibly... squarehead.
Sorry I'm busy at the moment, studying your Wikipedia links.
Your website (vrtz.net) is JavaScript only and hiding behind a whois protection company. I did not google that much – here something from 2013: https://gds.blog.gov.uk/2013/10/21/how-many-people-are-missing-out-on-javascript-enhancement/
So, fix it, unless ...
Correct. My target audience is tech-savvy and, being a hobby site, I have no reason to make sure the perfect 100% of the global population can access it.
Correct as well. Is there any SEO problem with that? A performance benefit of disabling it? Or any other thing I should be aware of other than you trying to find lots of reasons to discredit my words? https://yourlogicalfallacyis.com/ad-hominem
Why? I can be perfectly correct in what I say, while choosing NOT to use my own advice in EVERY project I start.
Everything has a place and a time - you do not kill a fly with a cannon.
EDIT: I don't really fancy doing that.
I probably wouldn't use it for an E-commerce site or say WHMCS (Or whatever equivalent people run) but it's great for things like owncloud and various webapps.
Normal people don't check these certificates, especially not who it was issued by. It's probably mostly checked by people who are more technically aware and knowledgeable, not by your typical facebook and buzzfeed fiend who make up the bulk of internet visitors.
You could have chosen to receive the Chinese version of the certificate, then it would say "CA 沃通免费SSL证书 G2" Still says "free", but now in Chinese, so not plainly obvious. I chose this option, to me this way it looks unusual, more interesting and perhaps even carries a certain charm (in the past I learned a kanji or two, albeit for Japanese). However I don't use this to secure an eCommerce website, just my hobby one.