Solved

SSL certificate options

Posted on 2009-06-30
4
1,242 Views
Last Modified: 2012-05-07
Hello, just a basic question regarding SSL certificate options.  It looks like there are a ton of vendors out there, and not a huge amount of difference between the certificates.  My hosting company has a relationship with Trustwave, where I can get a certificate for $89 per year.  I know I can go much cheaper with GoDaddy or others, but I don't mind paying the extra $$.  But the question I have is, what is the downside with going with a lesser-known SSL certificate vendor from a user perspective?  When I look at certificate authorities on my FireFox browser, Trustwave is not listed but GoDaddy, Thawte, Verisign, etc. are.  Does that mean I (and other users) would get a popup window/warning message when I went to a site secured by Trustwave?
0
Comment
Question by:Jayrw
  • 2
4 Comments
 
LVL 5

Expert Comment

by:Ahmed Ezzat AbuRaya
ID: 24747134
There are some sites offering help about choosing the best SSL  vendor and what are the differences between them.  Have you checked http://www.whichssl.com/ ?

Hope it can help you :)
0
 
LVL 31

Expert Comment

by:Paranormastic
ID: 24748466
Trustwave is compatible with most browsers.  You are probably just looking for the wrong thing - they will show up under "SecureTrust CA" not Trustwave.  When you view the cert, on the Certification Path tab you will see it listed as Trustwave.  You should be fine for most cases - I don't know them well enough to say which products they are or are not listed, but the have the big ones at least.  I did notice that I don't see them listed in my blackberry, whereas godaddy is, for what that's worth.

From one of Trustwave's brochures, they claim to be compatible with at least:
IE 5.00.2919.6307+
Netscape 4.61+
AOL 5+
Opera 6.1+
Mozilla 0.9.8+
Safari (all)
Firefox 0.7+ (including other linux browsers that follow FF's lead such as Epiphany, Galeon, and Konqueror)
0
 

Author Comment

by:Jayrw
ID: 24749527
Did you see that in IE or Firefox?  My version of IE (IE7) does not list SecureTrust under Trusted Root Certification Authorities.  And my version of Firefox (FF3) lists SecureTrust under Certificate Manager - Authorities, but all of the certificate details referenced SecureTrust, not Trustwave.  Just want to make sure I have a basic understanding - I may be looking in the wrong place.
0
 
LVL 31

Accepted Solution

by:
Paranormastic earned 500 total points
ID: 24749809
Sorry, I am looking at IE6 right now.  I don't have access to others at the moment until I get home, but will look at it then and get back tomorrow.

Securetrust is another name for the same company.  It also may be possible that they cross-signed one with the other, which is common when a company rolls out a newer root to get the integration level of the older root.

The Trustwave is the friendly name of the cert in my store.  The friendly name is arbitrary and may change from deployment to deployment, or even not be present.  Here's a certificate easter egg for ya (I assume this works in IE7/FF3, but does in IE6 for sure): open up the root cert and look at the 3rd tab Certification Path Information - note the name, then go to the Details tab and look for the Friendly Name attribute - note it is the same as 3rd tab, now click the Edit Properties button and change the friendly name attribute to whatever you like and click ok, then go back to the 3rd tab.

The cert I am looking at is this:
Serial number: 0c f0 8e 5c 08 16 a5 ad 42 7f f0 eb 27 18 59 d0
Subject: CN = SecureTrust CA / O = SecureTrust Corporation / C = US
SHA1 thumbprint: 87 82 c6 c3 04 35 3b cf d2 96 92 d2 59 3e 7d 44 d9 34 ff 11
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now