?
Solved

Any low cost of trusted SSL certificate

Posted on 2013-12-17
7
Medium Priority
?
608 Views
Last Modified: 2013-12-18
Dear Experts,

When I access my https site with my self-cert SSL, the browser will give  me red-cross and slash-mark on my browser address bar around https, why does it happen ? Whether do I have to or must  buy trusted SSL cert  instead of self-cert to disable the red cross-mark or slash-mark on https ?

For buying trusted SSL certificate, I have search all of it. there is really expensive or low-cost one ,for example some offer $600US/year and some offer $5US/year, why it is so much different in pricing if those company just use similar encrypt algorithm  ?

I also find some Ad about some large hosting company provide Turbo SSL cert through Domain Control validation to cut down the certificate cost. What is it about ?

Please advise

Duncan
0
Comment
Question by:duncanb7
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 9

Accepted Solution

by:
tsaico earned 1332 total points
ID: 39725203
The red bar is because while the traffic is under SSL, there is no 3rd party verifying your server is indeed your server.  This can be a phishing attack that got someone to go to the wrong website and they inadvertently give out their login information or account information.  Think of it like your state issues identification.  Without it, it is just your word claiming you are actually you.  In order to get an ID (your SSL), you have to go the government (3rd party, like GoDaddy) and get them to vouch for you by supplying their needed information.  Then there are certain restrictions on who can print these IDs, so not everyone is allowed to just print them, or rather not all places accept any ID.

The red bar is just saying there is something that isn't right about it as a warning to the user.  Having mismatched names, using a certificate for secure.site.com when it is actually othersite.here.com will produce the same results of a red bar.

As for the reason on the price differences, between companies, I have no idea to tell you the truth.  I don't know why basic ssl from godaddy is $70/yr, but startssl.com gives it for free.  As for why there are different levels of SSL, the amount of encryption goes up, the other features like making the address bar green vs letting it be white like normal, and being able to do either wildcard (meaning you can use the same SSL in any of your server names) or each one has several names on the same ssl are usually where the price comes up a little.

Domain Control is usually where they tell you to put a specific code string on the public website, so they can verify that you actually own it vs. sending an email for someone to click on and approve.  This is usufull when the names on the email listed in the WHOIS database are either obscured (often sold as a "privacy feature") or just incorrect.  If you can upload a file to the website, then that is proof enough that you are authorized to request the SSL on behalf of a domain.
0
 
LVL 13

Author Comment

by:duncanb7
ID: 39725405
tsaico. thanks for your good post,

Do you agree self-sign cert can be used as a trusted cert if users/visiotrs are  willing to import and save the  my site self-sign cert into their browser trusted vendor  folder after  clicking  browser options setting that will get rid of  or delete the red-cross and red slash mark nearby https on address bar ?
0
 
LVL 13

Assisted Solution

by:Felix Leven
Felix Leven earned 668 total points
ID: 39726355
For my testing Server/Networks (win only) I startet to use startssl certs, because it is free or very cheap. Even some verdors like Citrix want to force you into more expensive solutions.
0
Understanding Linux Permissions

Linux for beginners: How to view the permissions associated with files and directories and also how you can change them.

 
LVL 13

Author Comment

by:duncanb7
ID: 39726371
startssl mentioned the free SSL cert  only encrypt to login name and email address only
that might be explained why it is free
0
 
LVL 13

Expert Comment

by:Felix Leven
ID: 39726427
StartSSL™ Free supports:
Web server certificates (SSL/TLS)
Client and mail certificates (S/MIME)
128/256-bit encryption
US $ 10,000 insurance guaranteed
Valid 1 year (365 days)
0
 
LVL 9

Assisted Solution

by:tsaico
tsaico earned 1332 total points
ID: 39727113
To tell you the truth, I would just buy the basic GoDaddy SSL.  It gets rid of any weird red bars, doesn't require any imports for end users (and no one will import it, end users are notoriously lazy) and it also keeps you from having to write a ton of "how to" for every mobile device (iOS, Droid, Windows) and browser (IE 8-11, Opera, Firefox, Safari, Chrome).  I can guarantee the time you spend in making them all with screen shots, you could have paid for the $70 for an actual SSL and saved everyone the headache.
0
 
LVL 13

Author Closing Comment

by:duncanb7
ID: 39727222
Thanks for all of your reply

Duncan
0

Featured Post

Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses
Course of the Month9 days, 9 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question