?
Solved

SSL certificate options

Posted on 2009-06-30
4
Medium Priority
?
1,251 Views
Last Modified: 2012-05-07
Hello, just a basic question regarding SSL certificate options.  It looks like there are a ton of vendors out there, and not a huge amount of difference between the certificates.  My hosting company has a relationship with Trustwave, where I can get a certificate for $89 per year.  I know I can go much cheaper with GoDaddy or others, but I don't mind paying the extra $$.  But the question I have is, what is the downside with going with a lesser-known SSL certificate vendor from a user perspective?  When I look at certificate authorities on my FireFox browser, Trustwave is not listed but GoDaddy, Thawte, Verisign, etc. are.  Does that mean I (and other users) would get a popup window/warning message when I went to a site secured by Trustwave?
0
Comment
Question by:Jayrw
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 5

Expert Comment

by:Ahmed Ezzat AbuRaya
ID: 24747134
There are some sites offering help about choosing the best SSL  vendor and what are the differences between them.  Have you checked http://www.whichssl.com/ ?

Hope it can help you :)
0
 
LVL 31

Expert Comment

by:Paranormastic
ID: 24748466
Trustwave is compatible with most browsers.  You are probably just looking for the wrong thing - they will show up under "SecureTrust CA" not Trustwave.  When you view the cert, on the Certification Path tab you will see it listed as Trustwave.  You should be fine for most cases - I don't know them well enough to say which products they are or are not listed, but the have the big ones at least.  I did notice that I don't see them listed in my blackberry, whereas godaddy is, for what that's worth.

From one of Trustwave's brochures, they claim to be compatible with at least:
IE 5.00.2919.6307+
Netscape 4.61+
AOL 5+
Opera 6.1+
Mozilla 0.9.8+
Safari (all)
Firefox 0.7+ (including other linux browsers that follow FF's lead such as Epiphany, Galeon, and Konqueror)
0
 

Author Comment

by:Jayrw
ID: 24749527
Did you see that in IE or Firefox?  My version of IE (IE7) does not list SecureTrust under Trusted Root Certification Authorities.  And my version of Firefox (FF3) lists SecureTrust under Certificate Manager - Authorities, but all of the certificate details referenced SecureTrust, not Trustwave.  Just want to make sure I have a basic understanding - I may be looking in the wrong place.
0
 
LVL 31

Accepted Solution

by:
Paranormastic earned 1500 total points
ID: 24749809
Sorry, I am looking at IE6 right now.  I don't have access to others at the moment until I get home, but will look at it then and get back tomorrow.

Securetrust is another name for the same company.  It also may be possible that they cross-signed one with the other, which is common when a company rolls out a newer root to get the integration level of the older root.

The Trustwave is the friendly name of the cert in my store.  The friendly name is arbitrary and may change from deployment to deployment, or even not be present.  Here's a certificate easter egg for ya (I assume this works in IE7/FF3, but does in IE6 for sure): open up the root cert and look at the 3rd tab Certification Path Information - note the name, then go to the Details tab and look for the Friendly Name attribute - note it is the same as 3rd tab, now click the Edit Properties button and change the friendly name attribute to whatever you like and click ok, then go back to the 3rd tab.

The cert I am looking at is this:
Serial number: 0c f0 8e 5c 08 16 a5 ad 42 7f f0 eb 27 18 59 d0
Subject: CN = SecureTrust CA / O = SecureTrust Corporation / C = US
SHA1 thumbprint: 87 82 c6 c3 04 35 3b cf d2 96 92 d2 59 3e 7d 44 d9 34 ff 11
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A look at what happened in the Verizon cloud breach.
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question