-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have several SSL certs. Usually the cheapest is purchase a single hostname (so secure.somedomain.tld), and host all of your secured services there (I do https, IMAPS, and SMTP+TLS on the same host usually, depending on load). This also works with round robin DNS and load balancers as only the fully qualified domain name and not the IP matters.
A wildcard cert allows you secure all hosts in a given domain, but all the providers I have dealt with charge extra for this. I have not needed this. I have been using rapidssl for the past few years, though they were just bought by Verisign, whom I have been boycotting as a result of several bad experiences with their customer services. Rapidssl has been good up until now anyway. Basically you generate a cert for your server(s), go to their webpage, enter a credit card and a phone number, an automated response calls you asking to record your name, and you get your certs. All this within ~5-10 minutes. I am not sure how the other providers do it anymore, but it should be similar and straight forward. jon wrote: > Hi All, > > Just wondering if anyone has any experience with purchasing SSL > certificates. I've always just signed my own because I don't > particularly care about the warnings that crop up, I just want a secure > session. > > I have a site or two that I would like to look a little more polished, > however, and judging from the errors that IE7 pukes up all over the > place the issue is that I need a cert signed by a third party. > > I'm thinking of just buying one at GoDaddy, but there are domain > certificates, extended domain certificates, and at least one other > level. All I need is one that will cover the main domain, any > subdomains, and any URLS within the domain. > > Can anyone help me out with the terminology and tell me what I'm looking > for? > > Thanks! > > J > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFF0XTlwRXgH3rKGfMRAlzfAJ9LiyFzOC9YUtk2aOSnt2KLlA6McwCgpGWg HSRb1u+pZQCe8I0sJqv3HOs= =bshy -----END PGP SIGNATURE----- _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
