Free SSL Certificates?

I currently buy the low-end sercurity certificates from Comodo (instantssl.com). I was wondering if I could get a free, bare-bones certificate from somewhere?
FrylockAsked:
Who is Participating?
 
ParanormasticConnect With a Mentor Cryptographic EngineerCommented:
As far as free certs go:
1) Most SSL providers offer short term free certs for testing, such as 14 or 30 days.  After that you need to pay up.
2) You can run your own CA and get access to all kinds of things - free is debatable here as there would be upfront cost of hardware, software, etc. and labor costs for upkeep.  You would also need to propogate your root certificate to whereever you wanted to have your PKI trusted, if only internal just do through GPO.
3) As mentioned above - self-signed certs - you can use various tools such as signtool, makecert, cipher, openssl, etc. to create a self-signed certificate.  Again, you would need to get this installed to the trusted root store for whereever it is going to be accessed by (your clients).  Usually this is only if you have very few certs to issue as the root store can only handle about 60 or so certs in it, and each cert here will slow them all down a little bit.
4) There are a few free public CA's out there - cacert.org, startcom.org - however again these would require obtaining their root certificate chain and getting that installed on your clients.  cacert is being ambitious and hoping to eventually pass WebTrust certification so that they could be added by default to various browsers and such, but they have a long way to go and it is debatable whether they will succeed.  I haven't heard if startcom is doing the same or not.  However, they do offer a fine product for free, so if the hardware costs are too much this might be an option.


If you are looking for an answer for a commercial website where your pages will be accessed by the general public, I would say that you need to get a commercial CA product and pony up the cash.  If it is just internal, your employees from home, or b2b partners you have a decent chance at getting one of the free options to work out okay for you - which one is best depends on your requirements.
0
 
DMTechGrooupConnect With a Mentor Commented:
Most likely not.. the purpose of a signed SSL is to guarantee the person browsing your site that you are who you say you are and not some chinese hacker.. You can create a self-signed cert.  You are paying for their service to "trust" you.

http://en.wikipedia.org/wiki/Self-signed_certificate
0
 
ccosbyConnect With a Mentor Commented:
Godaddy sells single ssl certs cheaper then comodo. As far as free ones go I can't help you.

To add to what DMT said you can self sign ssl certs. You then have to install them on the client machines so they accept them without complaining. This is only worth doing when it is for internal use only.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.