SSL Certificates Rant…

It’s May; it’s coming to that time of the year where I have to update my SSL certificate again. As I did last year I had a good look round for an official SSL option. Since I only use it for accessing my own web-mail and a few other toys, I loath the thought of having to pay for it. Even the cheapest I find are still more than $100, which is absolutely ludicrous considering you have to renew it annually.
There may be hope yet though; Startcom.org began a project making themselves a free SSL Certification Authority. Provided you pass their verification tests they will issue you a SSL certificate endorsed by themselves free of charge. Unfortunately, they are not widely known enough to be taken seriously; they haven’t made it into the CA bundle of any major browsers yet.
Their project does look very promising though; they have already issued more than 3,000 server certificates and had more than 14,000 browsers install their CA certificate as a trusted Certification Authority.
My current solution is Do It Yourself SSL. I am my own Certification Authority, meaning I can issue my own server & client certificates. I do however get the annoying SSL nag-screen’s until I manually install my Lobstertech CA certificate into the browser I am using. For the moment this is all I need. I can sit comfortably reading my web-mail knowing its encrypted using 256-bit AES and it didn’t cost me a penny.
[to be continued]


Comments

One response to “SSL Certificates Rant…”

  1. You’re showing your Scottishness… I think you should go with the free (non-self-cert) as a means of bumping up their figures. It is only be people (like you) using them and getting the numbers behind them that they will ever be taken seriously enough to make it into the main browsers.

Leave a Reply

Your email address will not be published. Required fields are marked *