oo7ml
asked on
SSL Error
Hi,
I bought an SSL cert from cheapsslsecurity.com a few weeks ago.
I installed it and it has been working fine up until now.
I was on my site this morning and it was working fine, however all of a sudden when i visit it now i get the following message:
I have a dedicated IP address too, but maybe i don't think i listed it when i was buying / setting up the cert... is it possible to change that, if so can you advise how.
Thanks in advance for your help
I bought an SSL cert from cheapsslsecurity.com a few weeks ago.
I installed it and it has been working fine up until now.
I was on my site this morning and it was working fine, however all of a sudden when i visit it now i get the following message:
I have a dedicated IP address too, but maybe i don't think i listed it when i was buying / setting up the cert... is it possible to change that, if so can you advise how.
Thanks in advance for your help
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You already seem to have one - if you see my notes from the testing, I specified an IP, not a domain name, when fetching your cert using OpenSSL - and got the right cert.
ASKER
Thanks Dave, much appreciated.
On a separate note, why do most hosting companies charge on average €100 for an SSL cert when you can buy the for €7 on cheapsslsecurity.com?
On a separate note, why do most hosting companies charge on average €100 for an SSL cert when you can buy the for €7 on cheapsslsecurity.com?
Because the bigger names are still clinging to a pricing model that was valid back when there were only a handful of CAs, all based in the USA. A Verisign cert (for example) is no more or less valid than a GoDaddy one, but 10x the price.
ASKER
Ah ok coo, thanks again for all of your help, much appreciated.
NP. With any luck, we will find something better in the future - there is no real reason why, once DNS is digitally signed, we should continue to pay a CA to demonstrate someone gave them money....
ASKER
Yeah, the whole process seems a bit out dated. Surely everything website should be encrypted by now using a standardised system.
Nothing wrong with the underlying idea - using PKI to protect a session key, or in the case of DHE, protect the negotiation of a session key. The issue is in
a) having to pay a CA to certify your key is your key
b) having to trust a CA does a good enough job of checking that for your $30 or whatever that you can rely on it for a $1M transaction...
a) having to pay a CA to certify your key is your key
b) having to trust a CA does a good enough job of checking that for your $30 or whatever that you can rely on it for a $1M transaction...
ASKER
Ok cool, thanks Dave, appreciate you coming back to explain all of that.
ASKER
Any advice on specifying a dedicated IP?