New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
SSL Certs
Hi,
I used an alpha SSL cert for a couple of RDP servers last year. I see that all the "free" alpha issuers are no longer around.
I have looked at using Let's Encrypt, however, because I can't automate the whole process with a reasonable amount of work, I wondered if anyone had a recommendation for cheap / free SSL certs.
Just to clarify... I have looked at Let's Encrypt, but because these boxes aren't running webservers without NATTing the domain I am unable to do a web renewal. I have looked at DNS based too, however, I have no way of automating the update to the domains TXT record.
Thanks
Comments
cheap: https://www.centriohost.com/special-offers.html (even though the provider is banned here because he's been a douche, but I have no problem with the cert itself)
free: Let'sEncrypt, the setup isn't that hard. Especially with acme.sh or so, where you can use the API of your nameserver provider, so automatic renewal of wildcard works.
Thanks for the reply. I am not sure how a Linux script is going to help renew a certificate on a Windows Server. I understand how LE works and use it on all of my Linux webservers. This is a windows RDP connection I am trying to secure, I could use DNS validation, but as I stated there is no programmatic way to update my DNS records.
The globalsign wildcard might work with Centrio for $10 thou Thanks!
If you want to secure the RDP gateway, you can use this tool (never used it myself though): https://certifytheweb.com/
It's the same than the free ones, centriohost just sells them, that's why they're not dead yet.
Again I am not running a webserver on these servers! I have used this software before when using LE on IIS.
@Michaels https://community.letsencrypt.org/t/using-lets-encrypt-to-secure-windows-remote-desktop-connections/29964 might be the solution
Yeah I'm thinking about moving my DNS to azure or aws both of which have an addressable api
Digital Ocean has free DNS and has an API. I've been wanting to look into it partly for this purpose, but haven't done so yet.
SSLs.com (which is just a namecheap retail outlet, IIRC) works for me and is currently <$6 for a Comodo PositiveSSL cert.
PositiveSSL is $4.50/1 year, $7.90 2 year through gogetssl.com reseller (they approve everyone who applies for that, it seems). They also have 3 month Comodo free trial certificates (Comodo's competitor to LetsEncrypt) and an ordering API. I haven't tried the API though. I'd try to get the LetsEncrypt DNS authentication stuff working if I were planning to do this stuff with any frequency.
cheapest I have found is if you get a 48c domain from namecheap and get the $1.99 promo PositiveSSL for 1 year.
If you're in the Netherlands, Xolphin (SSLcertifcaten.nl) is the best. Cheapest I use, non-affiliated, is https://www.gogetssl.com/. (Comodo reseller)
If you are interested for a wildcard alphassl (1 year or 2), I might give you one for a small fee.