• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 613
  • Last Modified:

Any low cost of trusted SSL certificate

Dear Experts,

When I access my https site with my self-cert SSL, the browser will give  me red-cross and slash-mark on my browser address bar around https, why does it happen ? Whether do I have to or must  buy trusted SSL cert  instead of self-cert to disable the red cross-mark or slash-mark on https ?

For buying trusted SSL certificate, I have search all of it. there is really expensive or low-cost one ,for example some offer $600US/year and some offer $5US/year, why it is so much different in pricing if those company just use similar encrypt algorithm  ?

I also find some Ad about some large hosting company provide Turbo SSL cert through Domain Control validation to cut down the certificate cost. What is it about ?

Please advise

Duncan
0
duncanb7
Asked:
duncanb7
  • 3
  • 2
  • 2
3 Solutions
 
tsaicoCommented:
The red bar is because while the traffic is under SSL, there is no 3rd party verifying your server is indeed your server.  This can be a phishing attack that got someone to go to the wrong website and they inadvertently give out their login information or account information.  Think of it like your state issues identification.  Without it, it is just your word claiming you are actually you.  In order to get an ID (your SSL), you have to go the government (3rd party, like GoDaddy) and get them to vouch for you by supplying their needed information.  Then there are certain restrictions on who can print these IDs, so not everyone is allowed to just print them, or rather not all places accept any ID.

The red bar is just saying there is something that isn't right about it as a warning to the user.  Having mismatched names, using a certificate for secure.site.com when it is actually othersite.here.com will produce the same results of a red bar.

As for the reason on the price differences, between companies, I have no idea to tell you the truth.  I don't know why basic ssl from godaddy is $70/yr, but startssl.com gives it for free.  As for why there are different levels of SSL, the amount of encryption goes up, the other features like making the address bar green vs letting it be white like normal, and being able to do either wildcard (meaning you can use the same SSL in any of your server names) or each one has several names on the same ssl are usually where the price comes up a little.

Domain Control is usually where they tell you to put a specific code string on the public website, so they can verify that you actually own it vs. sending an email for someone to click on and approve.  This is usufull when the names on the email listed in the WHOIS database are either obscured (often sold as a "privacy feature") or just incorrect.  If you can upload a file to the website, then that is proof enough that you are authorized to request the SSL on behalf of a domain.
0
 
duncanb7Author Commented:
tsaico. thanks for your good post,

Do you agree self-sign cert can be used as a trusted cert if users/visiotrs are  willing to import and save the  my site self-sign cert into their browser trusted vendor  folder after  clicking  browser options setting that will get rid of  or delete the red-cross and red slash mark nearby https on address bar ?
0
 
Felix LevenSenior System and DatabaseadministratorCommented:
For my testing Server/Networks (win only) I startet to use startssl certs, because it is free or very cheap. Even some verdors like Citrix want to force you into more expensive solutions.
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
duncanb7Author Commented:
startssl mentioned the free SSL cert  only encrypt to login name and email address only
that might be explained why it is free
0
 
Felix LevenSenior System and DatabaseadministratorCommented:
StartSSL™ Free supports:
Web server certificates (SSL/TLS)
Client and mail certificates (S/MIME)
128/256-bit encryption
US $ 10,000 insurance guaranteed
Valid 1 year (365 days)
0
 
tsaicoCommented:
To tell you the truth, I would just buy the basic GoDaddy SSL.  It gets rid of any weird red bars, doesn't require any imports for end users (and no one will import it, end users are notoriously lazy) and it also keeps you from having to write a ton of "how to" for every mobile device (iOS, Droid, Windows) and browser (IE 8-11, Opera, Firefox, Safari, Chrome).  I can guarantee the time you spend in making them all with screen shots, you could have paid for the $70 for an actual SSL and saved everyone the headache.
0
 
duncanb7Author Commented:
Thanks for all of your reply

Duncan
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now