Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


SSL Certs
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

SSL Certs

Hi,
I used an alpha SSL cert for a couple of RDP servers last year. I see that all the "free" alpha issuers are no longer around.

I have looked at using Let's Encrypt, however, because I can't automate the whole process with a reasonable amount of work, I wondered if anyone had a recommendation for cheap / free SSL certs.

Just to clarify... I have looked at Let's Encrypt, but because these boxes aren't running webservers without NATTing the domain I am unable to do a web renewal. I have looked at DNS based too, however, I have no way of automating the update to the domains TXT record.

Thanks

Comments

  • lemonlemon Member
    edited August 2018

    cheap: https://www.centriohost.com/special-offers.html (even though the provider is banned here because he's been a douche, but I have no problem with the cert itself)

    free: Let'sEncrypt, the setup isn't that hard. Especially with acme.sh or so, where you can use the API of your nameserver provider, so automatic renewal of wildcard works.

  • @lemon said:
    cheap: https://www.centriohost.com/special-offers.html (even though the provider is banned here because he's been a douche, but I have no problem with the cert itself)

    free: Let'sEncrypt, the setup isn't that hard. Especially with acme.sh or so, where you can use the API of your nameserver provider, so automatic renewal of wildcard works.

    Thanks for the reply. I am not sure how a Linux script is going to help renew a certificate on a Windows Server. I understand how LE works and use it on all of my Linux webservers. This is a windows RDP connection I am trying to secure, I could use DNS validation, but as I stated there is no programmatic way to update my DNS records.

    The globalsign wildcard might work with Centrio for $10 thou :) Thanks!

  • If you want to secure the RDP gateway, you can use this tool (never used it myself though): https://certifytheweb.com/

  • @michaels said:
    The globalsign wildcard might work with Centrio for $10 thou :) Thanks!

    It's the same than the free ones, centriohost just sells them, that's why they're not dead yet.

    Thanked by 1michaels
  • @Evixo said:
    If you want to secure the RDP gateway, you can use this tool (never used it myself though): https://certifytheweb.com/

    Again I am not running a webserver on these servers! I have used this software before when using LE on IIS.

  • Yeah I'm thinking about moving my DNS to azure or aws both of which have an addressable api :)

  • Digital Ocean has free DNS and has an API. I've been wanting to look into it partly for this purpose, but haven't done so yet.

    Thanked by 1michaels
  • SSLs.com (which is just a namecheap retail outlet, IIRC) works for me and is currently <$6 for a Comodo PositiveSSL cert.

    Thanked by 1klikli
  • PositiveSSL is $4.50/1 year, $7.90 2 year through gogetssl.com reseller (they approve everyone who applies for that, it seems). They also have 3 month Comodo free trial certificates (Comodo's competitor to LetsEncrypt) and an ordering API. I haven't tried the API though. I'd try to get the LetsEncrypt DNS authentication stuff working if I were planning to do this stuff with any frequency.

  • cheapest I have found is if you get a 48c domain from namecheap and get the $1.99 promo PositiveSSL for 1 year.

    Thanked by 1willie
  • If you're in the Netherlands, Xolphin (SSLcertifcaten.nl) is the best. Cheapest I use, non-affiliated, is https://www.gogetssl.com/. (Comodo reseller)

  • If you are interested for a wildcard alphassl (1 year or 2), I might give you one for a small fee.

Sign In or Register to comment.