Jump to content

SSL Providers

kers7754

By kers7754
in General Discussion

 Share

Recommended Posts

interfasys Member

interfasys

Posted
Posted

I just quickly went through their install procedures and they never mention that you need to ask your host for a dedicated IP. I've found inaccurate information on Comodo's website and have made a comment.

Looking around, I've found some dinosaurs like GoDaddy and Hostgator who insist on users getting a dedicated IP, but that's because they charge for it and also probably because it takes time for them to change their infrastructure. They're not known for their agility.

As far as I'm concerned, this is just FUD. There is technology out there that allows people to easily install SSL certs on shared IP if they need to and that's the reason I've mentioned it in this thread. It offers exactly the same level of protection/encryption. People can then choose to stay with retrograde hosts or move ahead and change with the times.

 

Your comment about WHT just made me laugh. It's a large, established forum about hosting where users and experts exchange tips and ideas. If you find something interesting, you can then do some research yourself and try to implement novel concepts on a test box to see if it fits your business model. It's not a blog which claims to spread the truth.

The truth is that SNI works, today, for specific business cases. It's too bad you don't want to evolve, but don't hinder innovation by spreading false information.

0
Link to comment
Share on other sites
  • Replies 54
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

interfasys Member

interfasys

Posted
Posted
cPanel does not support SNI.

Yet ;) and there is strong demand for it due to the exhaustion of IPv4 IPs, so I wouldn't be surprised if it made an appearance before the end of the year.

 

Out of curiosity, where did you get that '9 out of 10' figure? I know cPanel is quite popular, but figures are difficult to get by.

0
Link to comment
Share on other sites
  • 1 year later...
sophieperrone Junior Member

sophieperrone

Posted
Posted

after spending more than 6 years in IT field, i can strongly recommend selecting reliable SSL certificate resellers rather than buying one from certificate authority website. You must be thinking why? here are the reasons:

 

- You can purchase same SSL Certificate with same security level

- You can avail large discount for same certificate as compare to certificate authority website

- The best part is SUPPORT (you can shout for support whenever you stuck into middle of installation)

 

 

Does anyone recommend a good but inexpensive SSL certificates provider?

 

Is this something that needs to be installed manually once a customer purchases it?

0
Link to comment
Share on other sites
  • 4 months later...
epretorious Senior Member

epretorious

Posted
Posted (edited)
I'd suggest AlphaSSL / GlobalSign. Whether you're looking to resell them yourself, simply to direct your customer to them, or to purchase certificates for your own use, they're a good choice and a great value. We've found them to be among the cheapest and they're a trusted CA.

 

AlphaSSL offers reasonable prices. However, GlobalSign is ridiculously expensive! e.g., GlobalSign's least expensive certificate, the domain-validated (DV) DomainSSL is $249/year!

 

My research has found that generally speaking...

 

In my opinion, OpenSRS provides shoppers the most best shopping experience by being quite clear (and informative) about a topic that other SSL providers hide behind: domain validated (DV), organization validated (OV), and extended validation certificates (EV).

 

Choose from domain validated, organization validated and extended validation certificates.

 

Just my $0.02.

Edited by epretorious
Corrected GlobalSign/DomainSSL confusion.
0
Link to comment
Share on other sites
brianr Senior Member

brianr

Posted
Posted
Not true, easyhosting: The miracle of SNI allows the use of SSL certificates with shared IP hosting. :!:

 

Don't know if I'd call it a miracle... too many Win XP machines w/ very little options that support SNI in the wild.... Before you deploy SNI, I strongly suggest looking at the compatibility issues you may face for some of your users.

 

... remember how long it took to get rid of IE6? (And it's not completely dead yet either....)

0
Link to comment
Share on other sites
easyhosting Senior Member

easyhosting

Posted
Posted (edited)

also ask, Comodo, Geotrust, Globalsign etc. and they all will say a DED IP is required

 

our WHM even states the below when trying to set an ssl without a ded IP

 

Install an SSL Certificate and Setup the Domain

 

 

 

Error

 

SSL install aborted due to error: Sorry, you must have a dedicated ip to use this feature for the user: ******! If you are intending to install a shared certificate you must use the username "nobody" for security and bandwidth reporting reasons.

 

 

also SNI is unsupported by cPanel

Edited by easyhosting
0
Link to comment
Share on other sites
  • 2 weeks later...
andy40 Senior Member

andy40

Posted
Posted
if you use netearthone for domains (and you should since they are cheaper and have better support than enom), they also resell the alpha SSL so thats an easy way to do it. Personally I like opensrs and got them to almost match the Rapidssl price that enom offers ($12 instead of $10) and i cant wait to be rid of Enom, their support is just terrible.

 

 

Yes i agree Enom is rubbish we moved all our domains from them.

0
Link to comment
Share on other sites
epretorious Senior Member

epretorious

Posted
Posted (edited)
Not true, easyhosting: The miracle of SNI allows the use of SSL certificates with shared IP hosting. :!:

 

Don't know if I'd call it a miracle... too many Win XP machines w/ very little options that support SNI in the wild...

 

... remember how long it took to get rid of IE6? (And it's not completely dead yet either....)

  1. I was being sarcastic about "The miracle of SNI". ;)
  2. The technical achievement of SNI not withstanding, the fact that IE does not support SNI is a travesty!

Edited by epretorious
0
Link to comment
Share on other sites
epretorious Senior Member

epretorious

Posted
Posted
Yes i agree Enom is rubbish we moved all our domains from them.

 

I found the Sales team at eNom to be very unprofessional and, instead, chose to become a reseller of OpenSRS. :)

 

While the prices are not as competitive as those offered by eNom (if you pay the $1595 setup fee to become a premier reseller), I do like the wide variety of SSL certificates that OpenSRS offers...

 

  • Symantec,
  • thawte,
  • GeoTrust,
  • Trustwave, and
  • Comodo

I found that the only area in which eNom excelled (without paying the $1595 setup fee to become a premier reseller) was the availability of inexpensive SSL certificates: eNom offers the Geotrust RapidSSL (DV) certificate for $9.95 and the Comodo Essential (DV) certificate for $10.95 while OpenSRS charges $59 for similar certificates.

 

REFERENCE

http://www.opensrs.com/site/services/trust/pricing

http://www.enom.com/secure/geotrust-ssl-certificates.aspx

http://www.enom.com/secure/comodo-ssl-certificates.aspx

0
Link to comment
Share on other sites
  • 2 weeks later...
epretorious Senior Member

epretorious

Posted
Posted (edited)
Yes a dedicated IP is required in order to install an SSL cert.

 

Wrong.

 

you need a separate dedicated IP for every SSL cert issued

 

Wrong.

 

A dedicated IP is required for an SSL certificate

 

Wrong.

 

Apparently you've never heard of SNI. It's totally different from shared certs.

Here is the howto for Apache: http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI

 

Thanks for the reference, interfasys. Here's another one that's worth reading: From Wikipedia, Server Name Indication.

 

well ive been a webhost since 1999 and ive not come across many hosts that use SSL though SNI due to securtiy issues

 

More FUD. Please provide some credible references instead of just crapping all over the Internet.

Edited by epretorious
0
Link to comment
Share on other sites
easyhosting Senior Member

easyhosting

Posted
Posted
Wrong.

 

 

 

Wrong.

 

 

 

Wrong.

 

 

 

Thanks for the reference, interfasys. Here's another one that's worth reading: From Wikipedia, Server Name Indication.

 

 

 

More FUD. Please provide some credible references instead of just crapping all over the Internet.

 

WHM/cPanel does NOT support SNI, so if you use WHM/cPanel then you will need a dedicated IP to use and SSL certificate. I am sure Chris can confirm this

0
Link to comment
Share on other sites
And then there was one les Senior Member

And then there was one les

Posted
Posted

 

Correct, however, note the version number, this is a very new update. I think you could easily forgive the error considering up until 11.38, easyhosting was providing accurate information with regards to how WHM handled SSL certificates and IP Addresses.

 

 

To everybody else who decided to become a lynch mob for no good reason. We are all working toward the same goal in this industry there really is no reason to be rude and obnoxious to people who are offering advice. We all come here to help each other out there is no need to be arguing like this. It just makes us all look incompetent and devalues the worth of the forum.

1
Link to comment
Share on other sites
brianr Senior Member

brianr

Posted
Posted

WRT to attitude.. again, not needed, and certainly the information given is not FUD, and still represents current best practice.

 

And the reason for that... SNI is not universally supported on all platforms/browser combinations, most notably WinXP/IE (and some other browsers IIRC). Compounding the problem, WinXP still has >20% of the desktop browser market (http://gs.statcounter.com/#os-ww-monthly-201204-201304) leaving a potentially large pool of people that won't be able to use a SNI-enabled site.

 

Thus, for many sites that must use SSL (eg eCommerce) SNI is still not (and may not be for a long time) a viable option.

1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept