Webmasters Stack Exchange
Webmasters Stack Exchange

Questions tagged [security-certificate]

Electronic document that proves ownership of a public key. E.g. for SSL connections.

A security certificate is a public key certificate - an electronic document that proves the ownership of a public key.

For webmasters, security certificates are most commonly seen when using the SSL system.

370 questions
69
votes
5 answers

Why should I pay for an SSL certificate?

I paid for an SSL certificate from Namecheap, I think it was certified by ComodoSSL. It cost me 7$, it took them a week to activate and I had to do it myself from SSH while editing my site's configuration files. Then a friend made me aware of Let's…
Leonardo Petrucci
  • 731
  • 1
  • 5
  • 8
40
votes
6 answers

Are the different types of SSL certificates a bit of a scam?

I'm looking into getting a few SSL certificates for domains to cover the following: autodiscover.example.com remote.example.com www.example.com Wildcard certificates are too expensive, so I'm going to purchase a single certificate for each…
Mark Henderson
  • 4,994
  • 2
  • 29
  • 43
33
votes
7 answers

Why is godaddy HTTPS/SSL certification so much cheaper than digicert, thawte, and verisign?

I am a novice on HTTPS/SSL but GoDaddy charges $12.99 and Digicert, thawte, and Verisign charge $100-1000+ for SSL certificates. I must be missing something on the quality of the encryption or something. Can someone explain some of the basic…
tim peterson
  • 513
  • 1
  • 4
  • 10
32
votes
4 answers

What are the benefits of a more expensive SSL certificate?

I've been comparing prices of different SSL certificates and found a massive difference in prices between different providers. If we take http://www.namecheap.com/learn/other-services/ssl-certificates.asp as an example, what would be the advantage…
Oli
  • 423
  • 4
  • 7
30
votes
1 answer

Which browsers support SNI?

Because of the way web servers and SSL work, previously a dedicated IP address was required for running an SSL certificate on a domain. But with a new technique (SNI, abbreviation for Server Name Indication) this is no longer a requirement. So which…
William
  • 2,363
  • 1
  • 20
  • 32
30
votes
4 answers

Is it a bad practice to use self-signed SSL certificates?

SSL certificates are pretty expensive for individuals, especially if you need to secure different subdomains. I am considering using self-signed certificates, as my primary focus is to secure the connection, and not to authenticate myself. However,…
Wookai
  • 1,617
  • 18
  • 20
27
votes
3 answers

IIS 7 Require SSL automatically redirect to https://

I've configured IIS 7 to require SSL. Can I automatically redirect non-SSL requests to be encrypted? For example, if a user types in http://domain.example, can IIS redirect the request to https://domain.example rather than display the 403 error…
jdickson
  • 403
  • 1
  • 4
  • 7
26
votes
5 answers

How do I get my site verified such that it shows a green box in Chrome's address bar?

How do I get my site verified by Google Chrome so it has the green box in the address bar? I honestly don't know how to do this. Also, do I have to ask Google to verify it?
TwentyCharMax
  • 362
  • 3
  • 7
24
votes
2 answers

How can my organization become a Root CA?

I'm the founder of a little non-profit French organization. Currently, we're providing free web and shell hosting. Is there a way to become a Trusted Certificate Authority, in order to give free SSL certificates to my customers, and also to avoid…
Max13
  • 365
  • 1
  • 2
  • 6
23
votes
6 answers

Is unique IP address a must for SSL?

The shared hosting company told me that if I buy an IP address then it will be applicable for the addon domains too. What does it mean? Then the SSL certificate won't work since there will be more than 2 domains in one IP (if I add an addon domain)?…
ilhan
  • 1,773
  • 5
  • 18
  • 22
18
votes
2 answers

StartSSL certificate gives SEC_ERROR_REVOKED_CERTIFICATE in Firefox and ERR_CERT_AUTHORITY_INVALID in Chrome

My existing HTTPS certificate is expiring soon so I bought a new one. I'm having a very hard time installing it properly though. I have a wildcard certificate from StartSSL for *.deadsea.ostermiller.org that I'm trying to install on my Apache…
Stephen Ostermiller
  • 99,822
  • 18
  • 143
  • 364
17
votes
2 answers

If I need HTTPS / SSL encryption on my web site, does it matter who I get my certificate from?

If I need HTTPS / SSL encryption on my web site, does it matter who I get my certificate from? Are some SSL certificate vendors better than others? If so, why?
Chris W. Rea
  • 3,773
  • 1
  • 36
  • 48
17
votes
2 answers

How to find domain registrar and DNS hosting with good DNSSEC support?

Simplified problem I want to buy a domain and make a website that is fully secured with DNSSEC. I want to make sure that only the one right SSL certificate could be validated by the browsers and all of the rogue SSL certificates or certificates for…
rsp
  • 421
  • 3
  • 10
11
votes
2 answers

Using wildcard certificates for multi-server deployment

Currently we are deploying a beta API for our services and we want that all request/responses from the API works over https. I'm confused about using wildcard certificates for both api and www urls. Is it a good idea to use a wildcard certificate…
licorna
  • 399
  • 2
  • 11
11
votes
4 answers

Are free SSL certificates secure?

How is it that some SSL certificates are free? What does that mean? Are they secure or not?
aneuryzm
  • 1,907
  • 1
  • 17
  • 20
1
2 3
24 25