To administer your WestHost account, please enter your
Domain Name or Server Manager Username.

WestHost: Professional Website Hosting Company








Results 1 to 8 of 8
  1. #1

    Default SSL Certificates

    Thinking of getting own ssl instead of shared, but dont need the super expensive verisign or thawte... does anyone have any recommendations or advice on which would be better of the cheaper companies like rapid ssl or comodo or godaddy or the geotrust quickssl?

    and just how hard of a process is it to get and install? any advice on how to carry out the westhost end of the setup would be greatly appreciated.

    thanks if you can help

  2. #2
    Senior Member
    Join Date
    Mar 2004
    Location
    U.S.A.
    Posts
    220

    Default

    If it's mostly for personal use, and you don't really care if the root authority certificate is pre-installed in most browsers, then I'd go with the free CAcert.org.

    The caveat with the root authority certificate is that browsers will give you a popup saying it doesn't recognize CAcert on your SSL certificate. You can get this to go away by installing the CAcert root certificate in your browser.

    However, if you are doing any sort of commerce, I wouldn't recommend this route, as it would probably make your customers nervous to see that popup.

  3. #3

    Default

    Yes, its for an ecommerce site, but no sales yet and probably wont have much sales for some time until owner really decides to advertise and give me more products to upload, so i was hoping an ssl in the 60-100 range would be fine, wondered if any peculiarities about using any of them with westhost or any thoughts in general because never used them before and hard to find really unbiased reviews of what is best to do.

    thanks.

  4. #4
    Senior Member dansroka's Avatar
    Join Date
    Nov 2003
    Location
    New Jersey
    Posts
    177

    Default

    I purchased a certificate from RapidSSL - at $69/year, its a decent price, and the support (e.g. installation instructions) was very good. I had no problems installing it on my Westhost account.

    http://www.rapidssl.com/rapidssl/rapidssl.html

  5. #5
    Member WestHost - BErickson's Avatar
    Join Date
    May 2003
    Location
    Providence, UT
    Posts
    146

    Default

    Girl,

    You've named a few good options. Really there are only 4 major Certificate Authorities (Verisign, Thawte, Geotrust, and Comodo). Verisign and Trust are essentially the same company now. Geotrust and Comodo are still fighting for the bargain hunters, but have actually raised pricing over the last few years.

    Geotrust runs RapidSSL (was FreeSSL), QuickSSL, and ChainedSSL. InstantSSL is run by Comodo (they have a few others as well).

    Root SSL vs. Chained SSL:
    A root certificate is owned by the Certificate Authority (CA). A Chained SSL is "chained" to someone else's root (third party). Verisign, Thawte, and Geotrust offer root certs. Comodo has chained (Geotrust ALSO has chained with their Chained SSL). Chained cert installations require some extra steps and modifications of your Apache config.

    For me, the order of importance for an SSL cert on an e-commerce site is:
    1. Browser support. You don't want clients getting ANY popup warnings during the purchasing process. Also, remember that some may claim a particular browser is supported, but not over all platforms (Mac).
    2. Recognizable Certificate Authority. A Verisign or Thawte secure seal/graphic on a website still carries weight. And for the few that actually click on the "lock" icon, it may mean something. Geotrust is moving up, but still doesn't have the same brand weight. There will be some that will be more comfortable with a recognizable name.
    3. Root instead of Chained. Extra steps to install a chained, it's a third party, and browser support doesn't seem to be as good.

    Note: There's also issue with getting the cert, where some are more stringent, and take longer. However, this is only relative to the others.

    As you research online, be aware that both Geotrust and Comodo created a number of sites for people to compare SSL certs (so they are obviously biased). An example of one is whichssl.com (comodo). Geotrust used to operate whichssl.org (but I think it now forwards to their corp site).

    Once you've decided whom to go with, you'll need to generate a CSR. The instructions we have posted at the base of http://members.westhost.com/ssl-web-hosting.html should get you going (install OpenSSL, navigate to newly created .csr file, etc.). There are also instructions for installing the Thawte cert, but they are similar (for the most part) with other CA's.

    RapidSSL (Geotrust) is probably a good recommendation for a lower cost option. The only cheaper solutions would be through a chained cert:
    - http://www.freessl.com/chainedssl/chainedssl_new.html (Geotrust)
    - http://www.instantssl.com/ (Comodo)
    . . . but again they are chained.

    It'll be nice to see free certs like CAcert get more browser support in the future. But until then, you might as well just create your own cert (http://www.onlamp.com/pub/a/onlamp/2...nuxhacks.html).

    Hope this helps,
    Best regards,

    Bevan Erickson
    Sales and Marketing Department
    WestHost Inc.

    When you expect more from your web host
    http://www.westhost.com

  6. #6

    Default

    Wow! That's an education! Thank you so much for making my decision so much easier. Went with a GeotrustQuickSSL from ev1servers ---- now if only I could get my store to work! (that'll be another post begging for help soon)

  7. #7
    Junior Member
    Join Date
    Sep 2003
    Posts
    24

    Default

    I use GoDaddy's cheapest certificate...$29 a year and it works great.

  8. #8
    Junior Member
    Join Date
    Apr 2006
    Posts
    1

    Default Where is OpenSSL installed on the server

    I need to find OpenSSL the program from telnet in order to produce some information for my GoDaddy certification, but I can't seem to find it. When I installed OpenSSL it created temporary certificates and stuff, but I need to get there with telnet.

Similar Threads

  1. Replies: 3
    Last Post: 09-11-2007, 02:19 PM
  2. Discount SSL GeoTrust/RapidSSL Certificates Available
    By WestHost - ZEsser in forum News / Announcements
    Replies: 0
    Last Post: 08-31-2007, 08:16 AM
  3. ssl certificates
    By lclark in forum General Discussion
    Replies: 1
    Last Post: 06-13-2006, 08:32 AM
  4. Westhost, osCommerce & Shared SSL
    By visible soul in forum E-commerce
    Replies: 2
    Last Post: 06-12-2004, 12:06 AM
  5. Miva checkout "....CC-2501: Unable to connect to SSL Se
    By bk4736 in forum General Discussion
    Replies: 3
    Last Post: 09-15-2003, 10:09 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •