Solved

Any low cost of trusted SSL certificate

Posted on 2013-12-17
7
598 Views
Last Modified: 2013-12-18
Dear Experts,

When I access my https site with my self-cert SSL, the browser will give  me red-cross and slash-mark on my browser address bar around https, why does it happen ? Whether do I have to or must  buy trusted SSL cert  instead of self-cert to disable the red cross-mark or slash-mark on https ?

For buying trusted SSL certificate, I have search all of it. there is really expensive or low-cost one ,for example some offer $600US/year and some offer $5US/year, why it is so much different in pricing if those company just use similar encrypt algorithm  ?

I also find some Ad about some large hosting company provide Turbo SSL cert through Domain Control validation to cut down the certificate cost. What is it about ?

Please advise

Duncan
0
Comment
Question by:duncanb7
  • 3
  • 2
  • 2
7 Comments
 
LVL 9

Accepted Solution

by:
tsaico earned 333 total points
ID: 39725203
The red bar is because while the traffic is under SSL, there is no 3rd party verifying your server is indeed your server.  This can be a phishing attack that got someone to go to the wrong website and they inadvertently give out their login information or account information.  Think of it like your state issues identification.  Without it, it is just your word claiming you are actually you.  In order to get an ID (your SSL), you have to go the government (3rd party, like GoDaddy) and get them to vouch for you by supplying their needed information.  Then there are certain restrictions on who can print these IDs, so not everyone is allowed to just print them, or rather not all places accept any ID.

The red bar is just saying there is something that isn't right about it as a warning to the user.  Having mismatched names, using a certificate for secure.site.com when it is actually othersite.here.com will produce the same results of a red bar.

As for the reason on the price differences, between companies, I have no idea to tell you the truth.  I don't know why basic ssl from godaddy is $70/yr, but startssl.com gives it for free.  As for why there are different levels of SSL, the amount of encryption goes up, the other features like making the address bar green vs letting it be white like normal, and being able to do either wildcard (meaning you can use the same SSL in any of your server names) or each one has several names on the same ssl are usually where the price comes up a little.

Domain Control is usually where they tell you to put a specific code string on the public website, so they can verify that you actually own it vs. sending an email for someone to click on and approve.  This is usufull when the names on the email listed in the WHOIS database are either obscured (often sold as a "privacy feature") or just incorrect.  If you can upload a file to the website, then that is proof enough that you are authorized to request the SSL on behalf of a domain.
0
 
LVL 13

Author Comment

by:duncanb7
ID: 39725405
tsaico. thanks for your good post,

Do you agree self-sign cert can be used as a trusted cert if users/visiotrs are  willing to import and save the  my site self-sign cert into their browser trusted vendor  folder after  clicking  browser options setting that will get rid of  or delete the red-cross and red slash mark nearby https on address bar ?
0
 
LVL 13

Assisted Solution

by:Felix Leven
Felix Leven earned 167 total points
ID: 39726355
For my testing Server/Networks (win only) I startet to use startssl certs, because it is free or very cheap. Even some verdors like Citrix want to force you into more expensive solutions.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 13

Author Comment

by:duncanb7
ID: 39726371
startssl mentioned the free SSL cert  only encrypt to login name and email address only
that might be explained why it is free
0
 
LVL 13

Expert Comment

by:Felix Leven
ID: 39726427
StartSSL™ Free supports:
Web server certificates (SSL/TLS)
Client and mail certificates (S/MIME)
128/256-bit encryption
US $ 10,000 insurance guaranteed
Valid 1 year (365 days)
0
 
LVL 9

Assisted Solution

by:tsaico
tsaico earned 333 total points
ID: 39727113
To tell you the truth, I would just buy the basic GoDaddy SSL.  It gets rid of any weird red bars, doesn't require any imports for end users (and no one will import it, end users are notoriously lazy) and it also keeps you from having to write a ton of "how to" for every mobile device (iOS, Droid, Windows) and browser (IE 8-11, Opera, Firefox, Safari, Chrome).  I can guarantee the time you spend in making them all with screen shots, you could have paid for the $70 for an actual SSL and saved everyone the headache.
0
 
LVL 13

Author Closing Comment

by:duncanb7
ID: 39727222
Thanks for all of your reply

Duncan
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Join & Write a Comment

SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
The purpose of this article is to demonstrate how we can use conditional statements using Python.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now