 |
|
| Linux Forum Index » Linux Miscellaneous Topics » Any free Certificate Signing companies for private... |
|
Page 1 of 1 |
|
| Author |
Message |
| J.O. Aho... |
 Posted: Tue Feb 03, 2009 1:54 am |
|
|
|
Guest
|
Ohmster wrote:
Quote: I would like to get a Signed Request but I don't want a $50,000
amazon.com certificate, just a free, private certificate for someone
learning like a student cert or private citizen cert if there is such a
thing. Is there any free signing agencies out there that will sign a
certificate that IE or Firefox will accept without question for a small
personal website? If so how do I contact them and what is the procedure
for such a thing. Otherwise I will take whatever advice you can give.
Thank you.
http://www.instantssl.com/ssl-certificate-products/free-ssl-certificate.html
Draw back is that it's limited to 30 days trail and I would guess you
can't create a new free one for the domain after that.
In the long run it's either a payed certificate or a self certificated
that you have to use.
I don't recommend surfing with MSIE, too many exploits and it has the
stupidity to not accept certs from smaller companies, as it thinks they
are less secure certifiers than the five big ones.
Sorry, disabled your follow-up, otherwise others won't see that you got
some reply.
--
//Aho |
|
|
| Back to top |
|
|
|
| Ohmster... |
| Posted: Thu Feb 05, 2009 7:08 pm |
|
|
|
Guest
|
"J.O. Aho" <user at (no spam) example.net> wrote in
news:6uq4g2Fg9lc4U1 at (no spam) mid.individual.net:
Quote: http://www.instantssl.com/ssl-certificate-products/free-ssl-certificate
.html Draw back is that it's limited to 30 days trail and I would
guess you can't create a new free one for the domain after that.
In the long run it's either a payed certificate or a self certificated
that you have to use.
I don't recommend surfing with MSIE, too many exploits and it has the
stupidity to not accept certs from smaller companies, as it thinks
they are less secure certifiers than the five big ones.
Sorry, disabled your follow-up, otherwise others won't see that you
got some reply.
Thank you Aho. I really don't like IE but I use it because some sites like
for work will only work on it, as stupid as it sounds. Samsung for example
uses active x plugins and if you do not load them, you cannot use the site
and access the service manuals at Samsung. Other than that it is strictly
Firfox with a few choice plugins for me all the way baby! I even like lynx
or elinks but hardly any web sites support these text only browsers so
Firefox it is.
I will proably do a self cert again like I did before. I remember finding a
tutorial on the net somewhere that told how to do it, I will have to try
and find it again. genkey is not getting it done or at least I don't know
how to place the files right when I try it so I am doing something wrong.
--
~Ohmster | ohmster59 /a/t/ gmail dot com
Put "messageforohmster" in message body
(That is Message Body, not Subject!)
to pass my spam filter. |
|
|
| Back to top |
|
|
|
| Ohmster... |
| Posted: Thu Feb 05, 2009 7:15 pm |
|
|
|
Guest
|
Voltster <voltster at (no spam) ampster.invalid> wrote in
news:goi94d.hih.voltster at (no spam) ampster.invalid:
Quote: Secure Connection Failed
www.fubar.com uses an invalid security certificate.
You don't own fubar.com. It's owned by Social
Concepts in Menlo Park, California.
LOL! I didn't stop to think that anyone actually owned fubar.com. I hear it
used so often as a munge in Usenet that I just used it. Wow, there really
is a fubar.com. Now that is pretty cool!
Quote: The certificate is not trusted because it is self signed.
This line is not returned by fubar.com. However,
it IS returned from your domain, ohmster.com. Why
did you think it was necessary to substitute someone
else's domain name for your own? If you think
security through obscurity works, at least use an
invalid domain name rather than someone else's.
Yeah, my bad. I did not research the domain before using it. You got me on
that one partner.
Quote: The certificate is only valid for fubar.com
(Error code: sec_error_untrusted_issuer)
This was an interesting and somewhat humorous side trip but did not help
much with my request. But the laugh was worth it, thanks!
--
~Ohmster | ohmster59 /a/t/ gmail dot com
Put "messageforohmster" in message body
(That is Message Body, not Subject!)
to pass my spam filter. |
|
|
| Back to top |
|
|
|
| Ohmster... |
| Posted: Thu Feb 05, 2009 8:35 pm |
|
|
|
Guest
|
"J.O. Aho" <user at (no spam) example.net> wrote in
news:6uq4g2Fg9lc4U1 at (no spam) mid.individual.net:
Quote: http://www.instantssl.com/ssl-certificate-products/free-ssl-certificate
.html Draw back is that it's limited to 30 days trail and I would
guess you can't create a new free one for the domain after that.
In the long run it's either a payed certificate or a self certificated
that you have to use.
This tutorial showed me exactly how to make my own Cert which is good
enough for basic Usermin needs:
http://www.yatblog.com/2007/02/27/how-to-create-a-ssl-certificate/
Thanks J.O.
--
~Ohmster | ohmster59 /a/t/ gmail dot com
Put "messageforohmster" in message body
(That is Message Body, not Subject!)
to pass my spam filter. |
|
|
| Back to top |
|
|
|
| J.O. Aho... |
| Posted: Fri Feb 06, 2009 1:48 am |
|
|
|
Guest
|
Ohmster wrote:
Quote: I will proably do a self cert again like I did before. I remember finding a
tutorial on the net somewhere that told how to do it, I will have to try
and find it again. genkey is not getting it done or at least I don't know
how to place the files right when I try it so I am doing something wrong.
Here is a script I made a while ago, not sure it's the final version,
make it executable and you have an easy way to make a ssl cert for
apache, I suggest a fast read of the page which is mentioned, so you
know how it works in detail.
--- mkcert ---
#!/bin/sh
## Generate self authorized cert keys for Apache
# This script is based on instructions at
# http://www.tc.umn.edu/~brams006/selfsign.html
#
# Syntax:
# mkcert <certname>
#
# Result:
# certname.key certname.key.nopass certname.key.pass
# certname.csr certname.crt
echo $#
if [ -z "$1" ]; then
echo "Syntax:"
echo " $0 <certname>"
echo "Result:"
echo " certname.key certname.key.nopass certname.key.pass"
echo " certname.csr certname.crt"
exit
fi
CERTDIR=$1
CERTNAME=$CERTDIR/$1
mkdir -p ${CERTDIR}
openssl genrsa -des3 -out ${CERTNAME}.key 4096
#openssl new -key ${CERTNAME}.key -out ${CERTNAME}.csr
openssl req -new -key ${CERTNAME}.key -out ${CERTNAME}.csr
openssl x509 -req -days 3650 -in ${CERTNAME}.csr -signkey
${CERTNAME}.key -out ${CERTNAME}.crt
openssl rsa -in ${CERTNAME}.key -out ${CERTNAME}.key.nopass
mv ${CERTNAME}.key ${CERTNAME}.key.pass
cp ${CERTNAME}.key.nopass ${CERTNAME}.key
chmod 600 ${CERTNAME}.key ${CERTNAME}.key.nopass
--- eof ---
chmod 755 mkcert
../mkcert mysslcert
--
//Aho |
|
|
| Back to top |
|
|
|
| Ohmster... |
| Posted: Fri Feb 06, 2009 5:31 am |
|
|
|
Guest
|
"J.O. Aho" <user at (no spam) example.net> wrote in news:6v219bFhmdpbU1
at (no spam) mid.individual.net:
Quote:
Here is a script I made a while ago, not sure it's the final version,
make it executable and you have an easy way to make a ssl cert for
apache, I suggest a fast read of the page which is mentioned, so you
know how it works in detail.
Wow, excellent Aho. Thank you very much. I will study and keep this one.
I used this page to get by but your script rocks. I love stuff like this,
thanks buddy!
http://www.yatblog.com/2007/02/27/how-to-create-a-ssl-certificate/
--
~Ohmster | ohmster59 /a/t/ gmail dot com
Put "messageforohmster" in message body
(That is Message Body, not Subject!)
to pass my spam filter. |
|
|
| Back to top |
|
|
|
| J.O. Aho... |
| Posted: Fri Feb 06, 2009 1:12 pm |
|
|
|
Guest
|
Ohmster wrote:
Quote: "J.O. Aho" <user at (no spam) example.net> wrote in news:6v219bFhmdpbU1
at (no spam) mid.individual.net:
Here is a script I made a while ago, not sure it's the final version,
make it executable and you have an easy way to make a ssl cert for
apache, I suggest a fast read of the page which is mentioned, so you
know how it works in detail.
Wow, excellent Aho. Thank you very much. I will study and keep this one.
I used this page to get by but your script rocks. I love stuff like this,
thanks buddy!
http://www.yatblog.com/2007/02/27/how-to-create-a-ssl-certificate/
I used to have a page once in the old day which I followed when I made
my first certs, but after that I didn't use ssl for a long time, last
year I had to make some server installs at work and decided to update
the certs and I had trouble to find a good howto at first and when I at
last found one that was easy to understand, I decided to make my script
as I'm sure when it's time to update the certs, the person who has to do
it won't have much clue and it will be easier if they check out the
script from the CVS.
I'm glad that at least one other person has had use of it.
--
//Aho |
|
|
| Back to top |
|
|
|
| Ohmster... |
| Posted: Fri Feb 06, 2009 6:06 pm |
|
|
|
Guest
|
"J.O. Aho" <user at (no spam) example.net> wrote in news:6v39c3FhouoeU1
at (no spam) mid.individual.net:
Quote: I used to have a page once in the old day which I followed when I made
my first certs, but after that I didn't use ssl for a long time, last
year I had to make some server installs at work and decided to update
the certs and I had trouble to find a good howto at first and when I at
last found one that was easy to understand, I decided to make my script
as I'm sure when it's time to update the certs, the person who has to do
it won't have much clue and it will be easier if they check out the
script from the CVS.
I'm glad that at least one other person has had use of it.
I saved it, I am grateful for it, and I am going to use it to put my 365
day cert in place. You rock Aho!
--
~Ohmster | ohmster59 /a/t/ gmail dot com
Put "messageforohmster" in message body
(That is Message Body, not Subject!)
to pass my spam filter. |
|
|
| Back to top |
|
|
|
|
|
All times are GMT - 5 Hours
The time now is Thu Nov 26, 2009 12:53 pm
|
|