Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


SSl Certificates: Where, cheap or free
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

SSl Certificates: Where, cheap or free

Hello i need to update a few domains to https (ok, start laughing i know, i had to do time time ago...) so i need a bunch of SSl Certificates. I know i can use Cloudflare SSL (Free Account) but honestly... i dont know....
For this reason im asking if you know some good sellers with good offers or if you know where to take my "free cake" :)

Cloudflare, Another SSL Certificate Provider or HTTP ?
  1. Are you using SSL ?169 votes
    1. Yes, Im using Cloudflare SSL
      19.53%
    2. Yes, Im using a SSL Certificate Provider
      60.36%
    3. No
      20.12%
«13

Comments

  • free on let's encrypt

  • I voted no just for the fuck of it. #Trump2017

  • MikeAMikeA Member, Patron Provider

    If you have your own VPS/dedi, use LetsEncrypt. Otherwise just get a cheap Namecheap comodo SSL cert.

  • williewillie Member
    edited January 2017

    I've been using letsencrypt, plus some 90/30 day trial certificates from Comodo/GGSSL/RapidSSL, plus a free 1-year Gandi certificate included with a domain from them, plus some $1 coupons for one-year Comodo certs from Namecheap, plus Namecheap will sell you a cert for around $2 when you buy a domain. Plus I have a still-active 5 year Comodo cert from when they sold those (max now is 3 years).

    I don't see much point in trial commercial certs instead of LetsEncrypt and a minus is that they ask for personal info of the applicant. I see 1-year and multi-year certs as still sometimes worth paying for if you don't want to deal with 90 day expiration. If you can handle that, I'd say go with LetsEncrypt.

    I haven't used Cloudflare for anything and haven't tried their certs.

  • @willie said:
    I've been using letsencrypt, plus some 90/30 day trial certificates from Comodo/GGSSL/RapidSSL, plus a free 1-year Gandi certificate included with a domain from them, plus some $1 coupons for one-year Comodo certs from Namecheap, plus Namecheap will sell you a cert for around $2 when you buy a domain. Plus I have a still-active 5 year Comodo cert from when they sold those (max now is 3 years).

    I don't see much point in trial commercial certs instead of LetsEncrypt and a minus is that they ask for personal info of the applicant. I see 1-year and multi-year certs as still sometimes worth paying for if you don't want to deal with 90 day expiration. If you can handle that, I'd say go with LetsEncrypt.

    I haven't used Cloudflare for anything and haven't tried their certs.

    5x plus.

  • jtkjtk Member

    Let's Encrypt is currently a leading provider of free certificates. It isn't as user friendly as others, because it requires you to update the certificate frequently (within three months). Although there are some automated tools to help with this, this is still an area of ongoing development so pay attention to changes as this technology matures. Nonetheless, it is a good option if you're trying to eliminate cost and willing to learn a little bit to get things setup and keep running.

    Another option for free is StartCom/WoSign, but I would not recommend them at all. In my experience they make arbitrary decisions that contradict their policies about what constitutes non-commercial when deciding when to issue free certificates. Plus, there is of course a recent history of incredibly shady operational transparency - just search the net for details.

    Thanked by 1johnnymatt
  • jtk said:

    Another option for free is StartCom/WoSign, but I would not recommend them at all.

    They are not an option for now. They're suspended from issuing certs for Firefox for a year, dunno about Chrome, dunno if they'll ever get back in, and I wouldn't use them even if they do get back in. They're basically dead imho.

    LetsEncrypt is slightly more annoying than trial certs because you have to verify by an intricate protocol involving putting special files on your web site, or TXT records in your DNS. Among other things that means you need a live server on the domain when you apply for the cert. The commercial trial certs let you confirm by email which is easier a lot of the time. But there are scripts around that automate letsencrypt.

  • I recently switched all my sites to caddy. It makes letsencrypt painless and honestly, the configuration is bloody amazing compared to nginx or apache.

    Thanked by 1doughnet
  • Startssl or letsencrypt ;)

  • rumi4 said:

    Startssl

    Lol :)

  • https://assl.loovit.net
    If you ask me, I will say this one.

    Thanked by 3willie Shade yomero
  • StevenNStevenN Member, Host Rep

    We provide free wildcard SSL's with all our Phoenix and Netherlands VPS plans starting at $3/m.

    Thanked by 1willie
  • RapidSSL and Geotrust (reputed certificate authority) also offers free SSL certificate for a limited period of time.

  • JamesK said:

    RapidSSL and Geotrust (reputed certificate authority) also offers free SSL certificate for a limited period of time.

    Theirs are 30 days, don't see much point when there's multiple free 90 day available.

  • Thanks guys for your reply :)

  • williewillie Member
    edited January 2017

    VMbox said: Phoenix and Netherlands VPS plans starting at $3/m.

    Vmbox.co? Looks like plans start at $5/m, is there a promo page or something? Also unusual that KVM is cheaper than openvz and has 2 ip addresses...

  • ssls.com is a brand of namecheap's that has always done me well in the past

  • Did not test this but heard it is very popular as it gives you free lets encrypt ssl without you having a need to acctually install lets encrypt server side which is great if you only use shared hosting: https://www.sslforfree.com

  • hzrhzr Member

    Ympker said: which is great if you only use shared hosting

    doesn't plesk, cpanel, etc all support LE now

  • mailcheapmailcheap Member, Host Rep

    LetsEncrypt (free) or Comodo PositiveSSL (paid, cheap)

    Pavin.

  • williewillie Member
    edited January 2017

    Looks like a wrapper around the usual letsencrypt stuff, i.e. you manually mess with the DNS settings or challenge files, or else give it ftp credentials and it makes the files for you (vertical rearrangement):

    Screen shot

    The dehydrated script does about the same thing and doesn't involve some weird web site, so I'd stick with that.

    Some domain registrars have API's that let you adjust the DNS and maybe make those special TXT records. It could be useful to write some scripts that automate those for LetsEncrypt.

  • @hzr said:

    Ympker said: which is great if you only use shared hosting

    doesn't plesk, cpanel, etc all support LE now

    A host I am with blocks that in their cpanel to sell their ssl certificates :P

  • HyperFilter_OfficialHyperFilter_Official Member, Patron Provider

    For paid certificates you can also check : http://cheapssl.com

  • If you don't mind serving your site over a CDN, Netlify will install LE certs on the CDN for your site (add a site, add a domain, go to HTTPS tab, you should know the rest once you see it).

  • I use Cloudflare Pro SSL which is great. But with Cloudflare Free you get limited browsers which is a huge problem lots of people don't realize. People using Windows 95, old macs and browsers will not be able to access your site.

  • mfsmfs Banned, Member

    Wicked said: Cloudflare Pro SSL

    If you're referring to the ability to upload your own certificate and private key to CloudFlare, in my opinion you're deceiving your customers/users. The cert will say they're connecting with you but they are connecting with CF. So, you're somewhat hiding (at least in the browser) the fact that you're using a MiTM service.

    I'm not all for bashing CF's TLS features, probably there are many cases where their ability to properly handle certs & keys are way safer than something done by the average sysadmins.

    But in all honesty, I still think that if you're just trying to get a green lock and your domain doesn't deserve any more than a DV cert, you should go for let's encrypt (or some Comodo cert if it's so much of a hassle for you to renew manually or to use certbot or dehydrated)

    Wicked said: People using Windows 95

    Actively refusing to support IE6 and the like would be a plus

  • BeliraBelira Member
    edited January 2017

    Get a shared cPanel host that offers free SSL: http://www.webhostingtalk.com/forumdisplay.php?f=4

    Get a cloud server, and use lets encrypt: https://www.digitalocean.com/

    Basic, recognizable SSL doesn't have to cost money any more :)

  • Yes, multiple cpanel hosts now completely automate the letsencrypt process for free. I've been on buyshared for about a year now so can attest that they handle the 3 month renewals without any user intervention. LetsEncrypt puts a significant dent in the multi-decade CA scam. I like it ;).

    The Cpanel company interestingly operates its own CA now. Not sure what they are up to with that.

Sign In or Register to comment.