New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Recommend an SSL certificate
I am not transmitting anything particularly sensitive, but would like to enable SSL on my personal blog site (without the browser warnings that self signed cert generate).
Can anyone recommend a cheap SSL certificate which will be recognized by browsers?
Preference for a wildcard certificate, but price wise, I know I am probably looking at a single domain solution.
Cheers
Comments
I'm using free SSL certificates from StartSSL for all my personal stuffs
https://www.sslmatrix.com
1yr - $9.95, 5yrs - $7
http://www.cheapssls.com/
1yr - $8.95, 5yrs - $5.99
http://www.namecheap.com/ssl-certificates/comodo.aspx
1yr - $9
http://www.godaddy.com/India
Go Daddy SSL Certificates - Only Rs637, Instantly Issued
http://www.trustico.co.in/switch/change-from-your-current-ssl-provider.php
Switch To Trustico® For Free With Competitive Upgrade - 1yr - $0
http://www.alphassl.com/ssl-certificates/
Switching from a Competitor - 1yr - $0
StartSSL is great It would be the same at PositiveSSL, RapidSSL, AlphaSSL, except it's FREE
1yr - $9
I use this
i'd recommanded StartSSL it's free and work like the paid
I use Namecheaps 10$ RapidSSLs.
Thanks guys, I went with the startssl option, figuring if it didn't work out, I'd open the wallet.
10 minutes later, and I have a little green pad lock on my site!
A quick check (https://www.ssllabs.com/ssltest) and I scored 90/100. I'm not sure if it is startssl or my config, but I don't seem to be able to enable TLS1.1 or 1.2.
Meh, 90 seems better than most checks... And I am not complaining for the price
I have never been able to authenticate in startssl... I am getting a
Error 107 (net::ERR_SSL_PROTOCOL_ERROR): Error in the SSL protocol
On both Chrome and IE ... Been like that for months
My GeoTrust DV SSL only scores 88/100 with nginx config below:
Error 107 (net::ERR_SSL_PROTOCOL_ERROR): Error in the SSL protocol
Did you try to switch to Firefox? StartSSL requires a personal certificate to login, make sure you install it into your browser too
Sounds like you haven't configured it properly :P
Well, I know you've already gone and got a cert, but AlphaSSL are the cheapest by far.
IPXCore resells them for just $42, I got mine a lil' more expensive
Hi,
I'm using 2 different SSL on my servers and so far both working fine
StartSSL Free from StartSSL www.startssl.com
QuickSSL Premium from GeoTrust www.clickssl.com
RapidSSL
Nice site.
Now I have to figure out why I'm vulnerable to the BEAST attack.
Fortunately, I'm in good company:
@Aldryic, @Francisco: https://www.ssllabs.com/ssltest/analyze.html?d=https://my.frantech.ca/
@Kujoe: https://www.ssllabs.com/ssltest/analyze.html?d=https://my.securedragon.net
@miTgiB: https://www.ssllabs.com/ssltest/analyze.html?d=https://www.hostigation.com/billing/
Nvm, it's working now.
Da BEASSSSST!
So, how the heck we will fix that? Q_Q
Eh?
Well looking at the recommended fix, on apache I am using the PCI recommended SSL CipherSuite
ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP:!kEDH
instead of the one listed
ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
Placing the recommended fix gives the same vulnerable to BEAST error,
Can't figure out the "Session resumption" to save my life.
Does Apache have an option similar to "ssl.honor-cipher-order" (from Lighttpd)?
So what's needed to get 100 on all 4 lines?
edit: nevermind, it's in the PDF linked from the site. Not very practical it seems.
Use
SSLHonorCipherOrder On
for Apache.Did you click Clear cache link (@ Qualysis ssl test website) after adding recommended fix? I tried recommended fix and it works.
This cipher works on my nginx config
5yrs - $5.99 thats dirty cheap SSL ...
SSL peer was unable to negotiate an acceptable set of security parameters.
(Error code: ssl_error_handshake_failure_alert)
You need to install your ssl cert in your browser to visit that site I guess.
So if I use their certificate my users will get that same error message when they try to visit my site?
This is not "self signed, untrusted blah blah" error when you can click continue and all is good, you can't click continue here.
Try http://certs.ipsca.com/ - you can get free cert as a reseller
Just tried that, no good
Cool, my score (88) is better than the ones of amazon.com or accounts.google.com (85 each).
This is not "self signed, untrusted blah blah" error when you can click continue and all is good, you can't click continue here.
No
The certificate that you will use is for authenticate at that website (you don't have one, then SSL error), not for web services like you will do.
(I think is that the way how they work)
Bah, I'm tired >_<