Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Recommend an SSL certificate
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Recommend an SSL certificate

BluBoyBluBoy Member
edited May 2012 in Help

I am not transmitting anything particularly sensitive, but would like to enable SSL on my personal blog site (without the browser warnings that self signed cert generate).

Can anyone recommend a cheap SSL certificate which will be recognized by browsers?
Preference for a wildcard certificate, but price wise, I know I am probably looking at a single domain solution.

Cheers

«1

Comments

  • seikanseikan Member

    I'm using free SSL certificates from StartSSL for all my personal stuffs :)

    Thanked by 1yomero
  • sshVMsshVM Member

    https://www.sslmatrix.com
    1yr - $9.95, 5yrs - $7

    http://www.cheapssls.com/
    1yr - $8.95, 5yrs - $5.99

    http://www.namecheap.com/ssl-certificates/comodo.aspx
    1yr - $9

    http://www.godaddy.com/India
    Go Daddy SSL Certificates - Only Rs637, Instantly Issued

    http://www.trustico.co.in/switch/change-from-your-current-ssl-provider.php
    Switch To Trustico® For Free With Competitive Upgrade - 1yr - $0

    http://www.alphassl.com/ssl-certificates/
    Switching from a Competitor - 1yr - $0

    Thanked by 3mrm2005 Asim yomero
  • gianggiang Veteran

    @seikan said: I'm using free SSL certificates from StartSSL for all my personal stuffs :)

    StartSSL is great ;) It would be the same at PositiveSSL, RapidSSL, AlphaSSL, except it's FREE :D

  • letboxletbox Member, Patron Provider

    i'd recommanded StartSSL it's free and work like the paid

  • WilliamWilliam Member

    I use Namecheaps 10$ RapidSSLs.

  • BluBoyBluBoy Member

    Thanks guys, I went with the startssl option, figuring if it didn't work out, I'd open the wallet.

    10 minutes later, and I have a little green pad lock on my site!
    A quick check (https://www.ssllabs.com/ssltest) and I scored 90/100. I'm not sure if it is startssl or my config, but I don't seem to be able to enable TLS1.1 or 1.2.

    Meh, 90 seems better than most checks... And I am not complaining for the price :)

  • AlexBarakovAlexBarakov Patron Provider, Veteran

    I have never been able to authenticate in startssl... I am getting a
    Error 107 (net::ERR_SSL_PROTOCOL_ERROR): Error in the SSL protocol

    On both Chrome and IE ... Been like that for months

  • gianggiang Veteran
    edited May 2012

    My GeoTrust DV SSL only scores 88/100 :D with nginx config below:

       keepalive_timeout    60;
        ssl_protocols  SSLv2 SSLv3 TLSv1;
        ssl_ciphers ECDHE-RSA-AES256-SHA:AES256-SHA:CAMELLIA256-SHA:DES-CBC3-SHA;
        ssl_prefer_server_ciphers   on; 

    @LiquidHost said: I have never been able to authenticate in startssl... I am getting a

    Error 107 (net::ERR_SSL_PROTOCOL_ERROR): Error in the SSL protocol

    On both Chrome and IE ... Been like that for months

    Did you try to switch to Firefox? :D StartSSL requires a personal certificate to login, make sure you install it into your browser too :D

  • ElliotJElliotJ Member

    @LiquidHost said: Error 107 (net::ERR_SSL_PROTOCOL_ERROR): Error in the SSL protocol

    Sounds like you haven't configured it properly :P

    @BluBoy said: Preference for a wildcard certificate

    Well, I know you've already gone and got a cert, but AlphaSSL are the cheapest by far.
    IPXCore resells them for just $42, I got mine a lil' more expensive :(

  • Mr_FiveMr_Five Member

    Hi,

    I'm using 2 different SSL on my servers and so far both working fine
    StartSSL Free from StartSSL www.startssl.com
    QuickSSL Premium from GeoTrust www.clickssl.com

  • jhjh Member

    RapidSSL

  • KuJoeKuJoe Member, Host Rep
    edited May 2012

    Nvm, it's working now.

  • yomeroyomero Member

    Da BEASSSSST!
    So, how the heck we will fix that? Q_Q

  • vedranvedran Veteran

    https://auth.startssl.com/

    An error occurred during a connection to auth.startssl.com.
    SSL peer was unable to negotiate an acceptable set of security parameters.
    (Error code: ssl_error_handshake_failure_alert)

    Eh?

  • miTgiBmiTgiB Member

    @raindog308 said: Now I have to figure out why I'm vulnerable to the BEAST attack.

    Well looking at the recommended fix, on apache I am using the PCI recommended SSL CipherSuite

    ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP:!kEDH

    instead of the one listed

    ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH

    Placing the recommended fix gives the same vulnerable to BEAST error,

  • KuJoeKuJoe Member, Host Rep

    Can't figure out the "Session resumption" to save my life. :(

  • KuJoeKuJoe Member, Host Rep
    edited May 2012

    @miTgiB said: Placing the recommended fix gives the same vulnerable to BEAST error,

    Does Apache have an option similar to "ssl.honor-cipher-order" (from Lighttpd)?

  • rds100rds100 Member
    edited May 2012

    So what's needed to get 100 on all 4 lines?

    edit: nevermind, it's in the PDF linked from the site. Not very practical it seems.

  • biplabbiplab Member
    edited May 2012

    @KuJoe said: Does Apache have an option similar to "ssl.honor-cipher-order" (from Lighttpd)?

    Use SSLHonorCipherOrder On for Apache.

    @miTgiB said: Placing the recommended fix gives the same vulnerable to BEAST error,

    Did you click Clear cache link (@ Qualysis ssl test website) after adding recommended fix? I tried recommended fix and it works.

  • gianggiang Veteran

    @miTgiB said: ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH

    This cipher works on my nginx config :D

  • qhosterqhoster Member

    5yrs - $5.99 thats dirty cheap SSL ...

  • yomeroyomero Member

    @vedran said: https://auth.startssl.com/

    An error occurred during a connection to auth.startssl.com.

    SSL peer was unable to negotiate an acceptable set of security parameters.
    (Error code: ssl_error_handshake_failure_alert)

    Eh?

    You need to install your ssl cert in your browser to visit that site I guess.

  • vedranvedran Veteran

    So if I use their certificate my users will get that same error message when they try to visit my site?
    This is not "self signed, untrusted blah blah" error when you can click continue and all is good, you can't click continue here.

  • gbshousegbshouse Member, Host Rep

    Try http://certs.ipsca.com/ - you can get free cert as a reseller

  • miTgiBmiTgiB Member

    @biplab said: Did you click Clear cache link

    Just tried that, no good

  • AmitzAmitz Member

    Cool, my score (88) is better than the ones of amazon.com or accounts.google.com (85 each).

  • yomeroyomero Member

    @vedran said: So if I use their certificate my users will get that same error message when they try to visit my site?

    This is not "self signed, untrusted blah blah" error when you can click continue and all is good, you can't click continue here.

    No
    The certificate that you will use is for authenticate at that website (you don't have one, then SSL error), not for web services like you will do.

    (I think is that the way how they work)

    Thanked by 1vedran
  • vedranvedran Veteran

    Bah, I'm tired >_<

Sign In or Register to comment.