[ic] Re: Recommendation for CA to issue Certs.

Scott Andreas interchange-users@interchange.redhat.com
Thu Feb 21 11:59:01 2002


If you are just trying to secure non tranactional (ie not online stores)
domains you can build your own SSL it just won't be recognized by the
browsers as a trusted SSL. If you are using RedHat read the docs on creating
a SSL for CA.The set up is exactly the same except your not sending any info
to the CA

Once you implement the SSL it will work. We did this on a test server.
Remember, changes to apache is need

-----Original Message-----
From: interchange-users-admin@interchange.redhat.com
[mailto:interchange-users-admin@interchange.redhat.com]On Behalf Of
Barry Treahy, Jr.
Sent: Thursday, February 21, 2002 8:22 AM
To: interchange-users@interchange.redhat.com
Subject: Re: [ic] Re: Recommendation for CA to issue Certs.


Julia Jacobs wrote:

>On 2/20/02 5:33 PM, "Nathan D. Olmscheid" <nathan@namisolutions.com> wrote:
>
>>I know he was talking about a wild card cert. Thats what we use for our
>>clients on our servers. It just don't feel it is that expensive. We are a
>>hosting company and we have a cert for our server, then each client on
that
>>server gets a subdomain cert (wild card cert)
>>
>>Nathan
>>
>>P.S. I still may be missing something, but it does not seem that expensive
>>to me.
>>
>
>If a client is serious about their on-line store they will not want a
>subdomain (i.e. eroticdogbiscuits.supermall.com or
>superspandexshorts.supermall.com) because they want to look professional
and
>be taken seriously and want a first level domain.
>
Ok, I plead ignorance...

When I acquired my first cert about five years about, the choices were a
FQDN (ie. www.midwest-microwave.com) or a wildcard for the domain
(*.midwest-microwave.com).  I'm not interested in subdomains
(www.attenuators.midwest-microwave.com), just the ability to have
multiple hosts (ie. smtp.midwest-microwave.com,
www.midwest-microwave.com, mml1.midwest-microwave.com, etc...) within
our main domain being able to fully utilize the cert.

Is there a difference here or are you equating subdomains to hosts
within a domain and is Thawte doing this same thing?

Regards,

Barry


>That being said if they
>are serious they won't mind paying the $125 either for a commercial cert so
>they can put that cool Thawte logo on the index page.  If they are just
>getting there feet wet, want to blow their money in chunks at a time,force
>you to listen to them complain that no one is buying their stuff and they
>have already spent a whole X number of piddley change while conveniently
>ignoring your tales of "I sold my beloved children to a white slavery ship
>headed for the flesh pots of Bancock to start my business", they can get a
>cheapo subdomain cert.  That's my 2¢, for whatever its worth (which last I
>checked on the soapbox exchange rate was about . . .2¢)
>
>If you become an ISP Partner with Thawte like I did (its free) you pay $125
>for the first cert. Each $125 cert after that you get for $100 (saving
$25).
>If you prepay you get more of a discount.  They also have something called
>VICE (used to be called Gandalf) which is supposed to be Red Hat compatable
>and can put the info forms and scripts you need to generate the Thawte
certs
>on your server.
>
>My beef with Thawte is less with there pricing scheme as it is with their
>really really sloooooooow support.  I got an e-mail telling me my ISP
>Partner account was active but when I had a client all ready with her
credit
>card to perchase a cert, I entered my account code and got an "account not
>active error".  It was after office hours so I could not call phone
support.
>I sent my client home apologizing profusly and used Thawte's crappy Java
>based chat support which crashed repeatedly.  The support guy told me to
>send my grievance to some e-mail address.  I told him. . . .
>
>Anyway to make a long storey short, two days later I got it straightened
>out.  I've sent three e-mails to four people in the last two weeks
>requesting VICE for my server and have gotten no response.  I guess I have
>to get on the phone and call.
>
>So that's been my experience with Thawte so far.  Sorry for the long run -
>on sentences.
>

--

Barry Treahy, Jr  *  Midwest Microwave  *  Vice President & CIO

E-mail: Treahy@mmaz.com * Phone: 480/314-1320 * FAX: 480/661-7028



_______________________________________________
interchange-users mailing list
interchange-users@interchange.redhat.com
http://interchange.redhat.com/mailman/listinfo/interchange-users