Topic: Where should I get a low cost SSL Cert?

[CKConsulting]

I'm looking for an inexpensive SSL Cert for a family email system with less than 10 users.  I found one at GoDaddy for $17, but will this do the trick?

Thanks
Rick

[crazybob]

That is the one I am using, and it works just fine

Bob

[CKConsulting]

Great, I'll try it then.

Rick

[jongkees]

Take a look at http://www.cacert.org/.
It is an free certificate that's valid for a year.

[CKConsulting]

Tell me if I'm wrong but it looks like cacert will still require users with IE or Firefox (99.9% of my users) to respond ok to security messages, and that's what I'm trying to avoid??????


Rick

But if not I like FREE...........

[pfloor]

Tell me if I'm wrong but it looks like cacert will still require users with IE or Firefox (99.9% of my users) to respond ok to security messages, and that's what I'm trying to avoid??????


Rick

But if not I like FREE...........

Here is what I have discovered to avoid the security message.

In Outlook, you need to set tne mail server name to hostname.domainname.com like what is on your self generated cert and not things like mail.domainname.com or just domainname.com.

With IE and Outlook you need to go to your webpage as https://hostname.domainname.com and accept AND install the certificate.

After you do this, you will only be asked once more in outlook to accept the cert and never again.

Hope that helps.

[william_syd]

Tell me if I'm wrong but it looks like cacert will still require users with IE or Firefox (99.9% of my users) to respond ok to security messages, and that's what I'm trying to avoid??????


Rick

But if not I like FREE...........

They just need the root ca.

Send you IE users here.
Send Firefox users here.

You only have to do it once.

For 10 users, can't be that hard.

If you don't spread the word it will never become mainstream.

Firefox that comes with Centos already has the CAcert root certificate.

[william_syd]

That is the one I am using, and it works just fine

Bob

Does it require an intermediate certificate ?

[CKConsulting]

My issue is with web mail.  My 10 users are always checking there email from different locations.

Rick

[crazybob]

It comes with one, and I added it to the ssl section in http.conf.

Bob

[william_syd]

It comes with one, and I added it to the ssl section in http.conf.

Bob

Did it work with email (not webmail).... just altering http.conf?

[william_syd]

My issue is with web mail.  My 10 users are always checking there email from different locations.

Rick

I just put a little note on the login screen.

Webmail

[crazybob]

It worked with webmail. It will depend on how you register the cert. I set mine up for www.yourdomain.com. that way any reference to www.yourdomain.com is covered. When you access https://www.yourdomain.com/webmail there is no warning. In outlook or something like that you have to set your mail servers to www.yourdomain.com, otherwise you will get an warning when you access it.