I've been using a single VeriSign SSL for years, of course renewing it! Now I need to get SSL on a few other servers for secure WCF services (Windows IIS web sites). I see there are several SSL cert vendors out there from very cheap to very expensive. VeriSign being on the expensive side, then there's geotrust, thawte, etc. Are they all the same in the end, or is there a catch to these cheaper ones?
To cut costs I'm planning on eliminating my VPS and will just host the few sites that I have on my home-office network. However I have 1 site that requires a SSL certificate. Is there an inexpensive solution for doing this that doesn't cost into the thousands per year?
This is probably a dumb question, but I've been curious about something. While shopping around for either a cheap dedicated server (less than $75/mo) or a cheap colo for a 1u server, I have noticed that the cheap dedicated servers are often less than a cheap colo, which seems odd to me since with a colo you bring your own machine.
For example, Sago Networks has cheap dedicateds for $50, $59, $79 etc. yet their cheapest colo option is $99. For Sago's $50 dedicated you get 1000GB transfer and 2 IP's, and with their $99 colo you get only get 100 GB transfer and 1 IP.
And Sago is not unusual in this respect. I've priced other providers that fall into this category and they have similar differences.
So why is colo more expensive than dedicated for similar, if not lower, features?
I've never used SSL on any of my websites and I've never really understood how the certificates work.
I understand that SSL is used as a secure connection protocol (https://) and that it needs a valid certificate so that the encrypted data transfer can be committed.
OK makes sence, but why do some websites seem to have such difficultly setting up valid certificates?
You can setup SSL by with Apache + OpenSSL, but why do website hosting providers still allow you to purchase SSL certificates (isn't it supposed to be free)?
Finally, is it possible to setup SSL for a multiple-domain (Victual Host) server?
I have a client who requested me to do a website for his credit union company.
Some of the pages are forms that require customers to enter crucial information ie ssn etc etc. I told him that this can be broken into..and therefore he would need a secure way of transmitting this information. Therefore would the SSL certificate work for this issue? Where do i get one? We have a dedicated server and do i need to configure anything on that? Where can i get a trusted SSL Certificate, and ofcourse help to install it.
if you could recommend a place to get a certificate... I have seen many people talking about that you could get a rapidSSL for $15 +/- , but I was not able to find any sites that low.
A year ago I bought a Geotrust quick SSL vertificate from my dedicated server host for about 299.
Now I see companies like server tastic selling the same Geotrust cert for $79 ehen Geotrusts website is still $299. How can that be? what am I missing here.
I purchased an EV SSL Cert, and all is fine. Installed via cPanel, and I get the green address bar in Firefox, but not in IE.
Comodo (the vendor) have an Auto-Enhancer feature which automatically tells IE to give me a green bar. They state in their FAQ the following instructions to install the feature:
Replace the bundle file that is in use for the web site.
Use the 'SSLCertificateChainFile' directive instead of the 'SSLCACertificateFile'/'SSLCACertificatePath' directives.
I have download a .CA-BUNDLE file from them.
Please tell me, now what do I do? I am at a lost at their instuctions, and going by my dealings with them, I think I can get help from you guys more accurately and quickly.
The server runs WHM/cPanel 11 with Apache 2 with mod_ssl. Full root access, but I am a Linux newbie.
I do web hosting (reseller); how much, in USD per year, do you think is a "reasonable" fee to charge clients for a shared SSL connection ?
The SSL is going to cost me $$ per year and I may have some use for it, but if clients want a shared SSL, instead of buying their own, I need to apportion the costs I incur somehow, and (maybe) make some small profit. I see the shared SSL as more of a service, but clients should pay _some_ $$ if they want to use one.
I'm just looking for some background information or a place where I can learn more about this.
Here's the problem:
The web site runs on a dedicated Apache server. There's 2 SSL certificates installed, one for e-commerce for https://www.mysite.com and one to help with the administrative interface for https://admin.mysite.com. I run a custom php application that forces the web page from http://www.mysite.com to https://www.mysite.com when going to an e-commerce page.
Generally everything runs Ok but a few times this year there has been a problem where the php application points to https://www.mysite.com/ecom.php but instead it gets https://admin.mysite.com/ecom.php and gets a page not found.
In discussing this with my web hosting company they claim they haven't changed anything but they do manage to fix the problem and get the web site working correctly again.
I generally figure that the web hosting company has done some type of maintenance on the web server and messed-up the dns entries or something for the SSL part of the web site but this is really outside my area of experience. I'm trying to understand what went wrong and where the entries are that determine when going to SSL which SSL certificate/URL is used.
My website is currently running on http and the plesk control pannel is running on https
However the certificate for https for the plesk panel is out of date and self signed therefore web browsers promit its not valid.
I want to get a valid SSL certificate for https for Plesk, Client/Billing area and the main website.
I want to do it as easy as possiable (as I'm not one for technical stuff but if it was resoniable I could give it a go)
I dont want a self signed and want to try to go for something free or very cheap.
Any got any suggestions? I've looked around and come up with companys wanting alot of money I did come across another which was free but it was self signed.
I currently have a reseller accounts from Thawte, Comodo, and RapidSSL, but have realized that I can purchase Comodo and Geotrust SSL certificates cheaper from Namecheap.com and Enom.com
Namecheap.com support is (as always) superb. Any opinions from Enom.com support?
What about Resellerclub.com? I know that they recently started to sell Thawte certs at very good prices. How good is their support?
I am continuously getting this error message in my error_logs Invalid method in request x16x03x01
I searched and found out that it is something to do with httpd.conf configurations and SSL. So I asked my provider to check it and solve. First they acknowledge that it was SSL issue but later I was told
Quote:
Since cPanel controls how the virtualhosts are configured this error most likely cannot be fix since cPanel will just revert the change. ..... The SSL connection with the selfsigned cert works beyond kicking out the error, but again cPanel controls the httpd.conf and how the * virtualhosts are configured.
So my question is, Is it common to have this error message with a cPanel VPS? Is there any solution?
I think I hit this error every time when I login to WHM or cPanel of every domain. Should this be fixed or it's not exactly an issue.
I am trying to add some new features to my hosting business and have a couple of questions. I have cpanel/whm and clientexec. I would like to offer shared ssl to my customers but don't know how to set that up. Also, how do this hosting companies offer free ad credits to yahoo and google? Is that something you talk to yahoo and google about setting up or what?
Anyone else having trouble getting them to work correctly? I do outsourced support for a few different hosts, as well as handle issues for ours, and there seems to be an unreasonable amount of eNom certificates failing to install correctly.
I'm not sure why they are bombing (module mismatch, etc.), but I was wondering if anyone has any insight on this. This definitely isn't an issue with how they are being installed. No other SSL Certificates that we deal with are having as many problems.
I am using SSL on my site but am having trouble in getting it to work correctly. I want to make it mandatory that the sections in <webaddress>/members and <webaddress>/admin are protected by SSL. I currently have the following in the httpd.conf file:
SSLEngine on SSLCertificateFile /usr/local/home/pm42/finalcert.pem SSLCertificateKeyFile /usr/local/home/pm42/privkey.pem SSLCertificateChainFile /usr/local/home/pm42/finalcert.pem
Say i have domain zzzzz.com and have some folders say a, b and c
would ssl if installed for main domain zzzzz.com work for https://zzzzz.com/a and so on ? or would wildcard ssl be required for that ?
And what if that /a folder is actually a subdomain, but since you can access subdomains via url/folder instead of folder.url would ssl work on it using url/folder option instead of subdomain url ?