> > 1. Are there free certificates somewhere?
>
> You can get a trial one (e.g. at Verisign) or build your own CA
If building your own, your customers will need to download your homemade
CA-cert and verify its fingerprint offband somehow. This could be a
solution when having few customers coming back a lot (like retailers
buying from a company). If selling directly to end customers I
personally would not recommend using your own CA.
> > 2. Does higher price mean a better certificate? Or why are the prices
> > sometimes so high?
> I think a good certificate is made of two things, trust (in the CA), and
> availability of your cert for other people to contact you
You pay the CA to verify that you are really you. This is why others
trusting the CA assumes that a cert signed by the CA really came from
who it says it came from. The technical part of the cert making is
already present in the openssl software.
The verification is as booring and nontechnical as verification at a
bank when getting a plastic card... although not as secure though, since
no physical presence is needed.
If that was my job I would too try to overcharge :-)
Since most users do NOT check which CA signed a certain server cert
gotten from a website I can see no point in buying a more expensive
server cert. (possibly the administrative services differ, like
updating?)
The issues of a "free"-ca or "open community"-ca was discussed a while
ago on this list, check the archives if interrested.
/Douglas
>
> >
> > Can anyone give me some advice about this?
> >
> > Thanks in advance.
> >
> > Best Regards,
> > Michael
> >
>
> Felipe!
>
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
--
------------------------------------------------------
Douglas Wikström <[EMAIL PROTECTED]>
------------------------------------------------------
Yes, God created Man before Woman,
but one always makes a draft before the masterpiece.
------------------------------------------------------
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
