ClioSport.net
Register a free account today to become a member!
Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!
-
When you purchase through links on our site, we may earn an affiliate commission. Read more here.
SSL certificates - your recommendations?
- Thread starter cava83
- Start date
Darren S
ClioSport Club Member
Polo GTi
instantssl.com from Comodo, good value
in a brief summary, what do they do?
Encrypt the data between the host and the client
Audi TT Stronic
Or more accurately provide a certificate that is properly signed by a registered authority to allow you to do that.
Better than yours. C*nt.
exchange - outlook
mobile devices
Is it all internal? If so why not just create your own CA and put your root certificate on your computers/devices?
Rav4
:rasp: Because i will have to create the certificate and put it on all the devices, managers are in different buildings, not always in the uk, plus I like the easy option
Internal staff, yap
Mike, cheapy, job done.
Cheers buddies, can't believe how much cheaper go daddy is, wicked.
Lots of love,
G.
Internal staff, yap
Mike, cheapy, job done.
Cheers buddies, can't believe how much cheaper go daddy is, wicked.
Lots of love,
G.
Sounds like all you'll need is a basic web server certificate. A cheapo one will do the trick just fine. As long as Windows trusts the root CA it doesn't really matter who you get the certificate off so go for the cheapest you can find. GoDaddy are very cheap as has already been mentioned. Trend Micro were running an offer on SSL certificates not long ago, I don't know if that's still running too?
Think yourself lucky you don't have to manage PKI's day in day out. I've spent all day today configuring distribution points for CRL's on a new customer's network. Quite hard to get your head around when you've got over 70 sites configured, 12 child domains, an intra-forest trust relationship and an external trust relationship to contend with.
Think yourself lucky you don't have to manage PKI's day in day out. I've spent all day today configuring distribution points for CRL's on a new customer's network. Quite hard to get your head around when you've got over 70 sites configured, 12 child domains, an intra-forest trust relationship and an external trust relationship to contend with.
Yeah, certificates that had the private key encrypted with the MD5 algorythm could be spoofed. It uses a collision attack on the MD5 hash function to produce 2 identical X.509 certificates that contain the same digital signature but with different private keys.
A rogue CA could be set up to create these certificates which would be trusted by all common browsers because their pre-installed public keys could decrypt the private keys generated by the spoofing process.
The simple way around the problem is to encrypt your digital signatures using 3DES or preferably SHA-1. As far as I'm aware nobody has managed to crack SHA-1 yet. Unsure about 3DES.
A rogue CA could be set up to create these certificates which would be trusted by all common browsers because their pre-installed public keys could decrypt the private keys generated by the spoofing process.
The simple way around the problem is to encrypt your digital signatures using 3DES or preferably SHA-1. As far as I'm aware nobody has managed to crack SHA-1 yet. Unsure about 3DES.
Rav4
Darren,
Rather you than me, sounds a bit too much nevertheless, would be interesting to learn, very much so.
Thank you for your input and everyone else too,
Kindly appreciated,
Gabi.
Rather you than me, sounds a bit too much
nevertheless, would be interesting to learn, very much so.Thank you for your input and everyone else too,
Kindly appreciated,
Gabi.
Golf Mk6 Oil Burner
I've used these for a few years if you need any other options ..
http://www.rapidssl.com/index_ssl.htm
http://www.rapidssl.com/index_ssl.htm
Similar threads
