SSL Security Certificate
- Thread starter jdlitson
- Start date
- Joined
- Feb 27, 2003
- Messages
- 9,158
- Joined
- Feb 27, 2003
- Messages
- 9,158
You would just put it as the server's main certificate:
/etc/httpd/conf/ssl.crt/server.crt
/etc/httpd/conf/ssl.key/server.key
This can be done from any domain use an Admin user. Admin users will only change the server's certificate, so adding the new values there will change it for everyone using the server.. or you can just do it manually
.
Your other websites would still get a SSL popup in their browsers, because the hostname wouldn't match, but it would still show your information in the cert.
John
/etc/httpd/conf/ssl.crt/server.crt
/etc/httpd/conf/ssl.key/server.key
This can be done from any domain use an Admin user. Admin users will only change the server's certificate, so adding the new values there will change it for everyone using the server.. or you can just do it manually
.Your other websites would still get a SSL popup in their browsers, because the hostname wouldn't match, but it would still show your information in the cert.
John
DirectAdmin Support said:
RackShack sells GeoTrust QuickSSL certs for $39. I've only used them once before but its only $39 and they were great when I lost my RSA private key *oops* and quickly refunded my old certificate and issued a new one (within 7 days).
The Prohacker
Verified User
- Joined
- May 23, 2003
- Messages
- 142
I would personally go with the great deal RS has on certs.. They are true Geotrust certs for only $39...
You can get other lower accepted certs for a bit less:
http://certs.ipsca.com/PRODUCTS/pricing.asp
http://www.freessl.com/
You can get other lower accepted certs for a bit less:
http://certs.ipsca.com/PRODUCTS/pricing.asp
http://www.freessl.com/
nobaloney
NoBaloney Internet Svcs - In Memoriam †
Tried. Can'tProWebUK said:]rackshack now offer them at $25... try and beat that
. I always thought I was the lowest-priced cert provider, but now I know I'm not.I'm curious, so this is a request to anyone with a RackShack cert: please let me know your URL; I want to see if RackShack's name is hidden in your cert.
Don't worry, I won't try to hack your system download your cert or anything similar; I'll just look at your cert details in my browser and examine all the fields.
You can do it yourself if you know how to check all the cert fields.
Jeff
nobaloney
NoBaloney Internet Svcs - In Memoriam †
Thanks.
Since they charge less than I get them for, I think I'm going to go ahead and buy one the next time I need a cert for one of my own domains; I'll try it out for browser ubiquity and for ease of installation.
Maybe I should make arrangements with GeoTrust similar to those I now have with Comodo (to resell their certs for less than they sell them for).
Jeff
Since they charge less than I get them for, I think I'm going to go ahead and buy one the next time I need a cert for one of my own domains; I'll try it out for browser ubiquity and for ease of installation.
Maybe I should make arrangements with GeoTrust similar to those I now have with Comodo (to resell their certs for less than they sell them for).
Jeff
The Prohacker
Verified User
- Joined
- May 23, 2003
- Messages
- 142
jlasman said:
https://provos.modernhosting.net
I installed a geotrust cert on that server that was bought from RS..
jlasman said:
Really your not gonna get a great deal from GeoTrust.. Infact I think RS sells the certs at a major loss just to bring traffic in.. Which seems to work
nobaloney
NoBaloney Internet Svcs - In Memoriam †
Thanks, Prohacker.
There's no RackShack info anywhere on the cert; it's an excellent buy at the price .
From looking at their site it doesn't look as if you have to host with them to get the price, so I'm not sure why they'd do a loss-leader.
In any event, I haven't decided yet whether to contact GeoTrust; they've been in touch with me before; they wanted me to sell their product when I first signed up with Comodo.
Again, thanks!
Jeff
There's no RackShack info anywhere on the cert; it's an excellent buy at the price
.From looking at their site it doesn't look as if you have to host with them to get the price, so I'm not sure why they'd do a loss-leader.
In any event, I haven't decided yet whether to contact GeoTrust; they've been in touch with me before; they wanted me to sell their product when I first signed up with Comodo.
Again, thanks!
Jeff
you dont need to be a RS customer to purchase the certs and even with a partnership i doubt you will match the price that RS supply them at.... im sure RS have a huge contract with geotrust and are providing geotrust with lots of money to get them at that price...
and even with a partnership i doubt you will match the price that RS supply them at.... im sure RS have a huge contract with geotrust and are providing geotrust with lots of money to get them at that price...
nobaloney
NoBaloney Internet Svcs - In Memoriam †
Yes, but are you sure that we're not buying a lot of certs from ComodoProWebUK said:
?We are.
Jeff
nobaloney
NoBaloney Internet Svcs - In Memoriam †
It is, Jason. It's just that the RackShack deal is a better onejdlitson said:
.From the price you mentioned, my guess is you're buying InstantSSL certs from Comodo. We've been reselling their certs for some time now and we're quite happy with them. If you set yourself up as a reseller you'll get a better price from them, but certainly not $25.
Jeff
The Prohacker
Verified User
- Joined
- May 23, 2003
- Messages
- 142
jlasman said:
You don't have to host with them to get the cert at that cost... They would normally sell them at a loss to just bring traffic into their site.. Hey.. When your there buying a cheap cert you would see that they also offer very cheap prices on servers too
RS is known for under cutting anyone and everyone in the market.. And thats what they are good at.. And everything they provide that I've ever bought from them is excellent quality... When Robert says no one can beat them.. He's right
jdlitson
Verified User
- Joined
- May 29, 2003
- Messages
- 261
Yes, it is a great deal Jeff.
The only thing that has stoped me from buying the $50 cert is that I still need to updat my OpenSSL.
Looks like that's going to be a pain (for a beginner).
I am wondering now if the OpenSSL is good software?
Perhaps it would save time to use another SSL software so I don't have to keep fixing the OpenSSL holes.
Is there anything else that would be better security wise and still low cost? Does everyone here use OpenSSL?
I am assuming that OpenSSL would still need to be installed even though we buy a signed Cert?
-Jason
The only thing that has stoped me from buying the $50 cert is that I still need to updat my OpenSSL.
Looks like that's going to be a pain (for a beginner).
I am wondering now if the OpenSSL is good software?
Perhaps it would save time to use another SSL software so I don't have to keep fixing the OpenSSL holes.
Is there anything else that would be better security wise and still low cost? Does everyone here use OpenSSL?
I am assuming that OpenSSL would still need to be installed even though we buy a signed Cert?
-Jason
nobaloney
NoBaloney Internet Svcs - In Memoriam †
I'm presuming you're using a Red Hat system, based on RPMs. I'd be quite surprised if you don't have it installed. If you don't, then you should just get the most recent RPMs for your system from Red Hat and install them with:jdlitson said:
Code:
# rpm -Uvh <rpm-file-name.rpm>Personally I use apt-rpm to keep a lot of systems up-to-date. We haven't any live DirectAdmin systems yet, but I'm going to try updating a test DirectAdmin system in the next few days and I'll let you know how it went.
apt-rpm should not hurt anything, it will only update packages that have the same name and main version number. But don't install it without the go-ahead from Mark, as I can't guarantee anything.
I don't even know anyone who isn't using it for SSL on Red Hat Linux. Imho it's at least as secure as any other SSL implementation.
A few years ago, when the SSL code was still proprietary, Red Hat licensed the code and sold a secure server that just plugged into Red Hat Linux; it worked fine and plugged in easily. But it was much more complex than just installing SSL as part of Red Hat install as we do today.
Most of us are probably using mod_ssl, which uses OpenSSL <http://www.modssl.org/>.
There's an alternative apache product, Apache-ssl <http://www.apache-ssl.org/> but I don't know anyone using it, and it does notget installed as part of the Red Hat install.
I'd recommend, especially for aanyone using a server administration package (such as DirectAdmin, Plesk, CPanel, etc.), and certainly for newbies, that you stick with officially supported packages; otherwise you're completely on your own when it comes to support.
I can't speak for others, but I'd be quite surprised if anyone was using any other implementation with DirectAdmin.
Yes. The certificate merely identifies your website and enables the encrypted data transfer.
Jeff