[plug] SSL certificates?
Jeremy Malcolm
Jeremy at Malcolm.id.au
Wed Jul 2 12:11:06 WST 2008
On 02/07/2008, at 11:39 AM, Fred Janon wrote:
> Hi,
>
> I am working on a web site using Tomcat on Ubuntu, I need to provide
> secure access to some of the pages with HTTPS/SSL. The site will be
> accessible through a ".com" and a ".com.au" address. I am clueless
> about how many and what kind of SSL certificate I should buy... Any
> idea?
Depends who your users are. If they are the kind who will be
frightened off by a warning dialog, then buy two certificates (one for
each domain) from somewhere like instantssl.com. However be aware
that you will also need at least two IP addresses if you want to do
that, because you can't serve two different SSL connections from a
single IP address.
There is no need to pay extra for EV certificates; the only real
difference is that they turn the browser's address bar green (except
in Safari), which actually freaks users out and confuses them.
If your need is only for security between the browser and the server,
not for authentication of the server's identity, then you don't really
need to pay for a third party certification authority and can use self-
signed certificates. Alternatively, sign up at cacert.org and get
them to sign your certificates for free. Browsers will still baulk at
them by default, though.
--
Jeremy Malcolm LLB (Hons) B Com
Internet and Open Source lawyer, IT consultant, actor
host -t NAPTR 1.0.8.0.3.1.2.9.8.1.6.e164.org|awk -F! '{print $3}'
More information about the plug
mailing list