Joss Posted August 7, 2014
http://www.bbc.co.uk/news/technology-28687513
Or, so say Google..... (Apologies to Noddy Holder and Jim Lea from Slade.)

pwired Posted August 7, 2014
Google, your big daddy ---

clsource Posted August 7, 2014
yep ssl. I think you can get one certificate free here: http://www.cacert.org/

Joss Posted August 7, 2014 (Author)
> yep ssl I think you can get one certificate free here http://www.cacert.org/

Love it. Read the site, looked interesting. Clicked on the join the CAcert Community link, and....

The site's security certificate is not trusted! You attempted to reach www.cacert.org, but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Chrome cannot rely on for identity information, or an attacker may be trying to intercept your communications.

clsource Posted August 7, 2014
> Love it Read the site, looked interesting. Clicked on the join the CAcert Community link, and.... The site's security certificate is not trusted! You attempted to reach www.cacert.org, but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Chrome cannot rely on for identity information, or an attacker may be trying to intercept your communications.

haha xddd well but that does not mean it is a bad choice for a certification authority. I think

teppo Posted August 8, 2014
> haha xddd well but that does not mean it is a bad choice for a certification authority. I think

Actually.. it does. If their certs are not trusted by OS and browser vendors by default, they're pretty much useless for anything but testing purposes.

On a related note, this is IMHO a good (and very bold) move from Google -- one that I honestly didn't expect them to make, but am happy about nevertheless. Having a secure connection between you and the site you're trying to reach is definitely a plus and should affect the way (and the sites) people browse.

That being said, it's going to cause some extra work for a lot of companies and people.. including me

mr-fan Posted August 8, 2014
this gives me some questions... (don't think g00gle is bad! but I think that they don't do something without an idea behind it...)
- Has g00gle bought some companies that make money with httpS?
- Is it really a secure (or more secure) fact that https helps here?

https is more expensive without real security, and more effort or work to get good performance. but in 2011 there were successful "man in the middle" attacks against https banking sites in germany... for big userdata it is the option to choose, but for a normal page??

we will see - g00gle has often announced some things to see what happens and only then do they act.

only some thoughts from a non pro webmaniac....

LostKobrakai Posted August 8, 2014
> https is more expensive without a real security and more effort or work to get a good performance.

I don't know what exactly you mean by security, but I would much rather see my data go encrypted through the wire instead of plaintext. There may be security holes, but at least the attacker has to do work, instead of just sniffing the traffic and reading it. From what I can remember from a recent talk at google io about ssl, the performance hit of it is mostly the handshake, so with http-keep-alive and some other improvements the difference in performance shouldn't matter that much.

Joss Posted August 8, 2014 (Author)
Yes, I know with one friend's eCommerce site, I moved him over to full SSL (rather than just the cart) and there was no obvious hit on performance at all, even though he was on a shared server.

The two main things about it are probably just the cost (which is not huge, but yet another cost all the same) and the annoyance of remembering to renew the certificate.

Also, some hosts seem to have a frighteningly complicated procedure you have to go through to get it up and running - a real minefield for the small website owner who is possibly trying to do it all themselves.

Ivan Gretsky Posted August 8, 2014
The forum is alright, but the main PW site should make a switch )))

Pete Posted August 8, 2014
Quite a few hosts sell SSL certs far cheaper than you can buy them directly from SSL companies and they're the same certs.

I won't name-drop, but you can get a $249 cert (2048-bit encryption and some other fancy features) for less than half that price from one webhost, so you could choose to see this as a chore or you could ask your host to install it for your clients which will take them a short space of time and be auto-renewed along with the hosting so there's no major headache for you.

You can choose to pass the whole discount on to customers or, quite reasonably, add a little markup for the time it's cost you but still come in a lot cheaper than buying a cert straight from the cert providers.

Everybody wins and the internet is a little bit more secure with each site that switches

Pete Posted August 8, 2014
Oh, also domain name registrars will often be able to do great prices, but if you get them from the web hosts they can install them for you as well for free so it depends how much you want to be involved in the process.

bernhard Posted August 8, 2014
you can get a free ssl certificate here: https://www.startssl.com/?app=1

i have no experience with them (not even with ssl), but a friend of mine has and is happy with it. https://worseg-concept.com/ has this certificate in use - at least i don't get a warning message with chrome...

teppo Posted August 8, 2014
@zwergo: admittedly I've no experience with StartSSL, apart from someone suggesting that to me a while ago (can't remember the context, though). At that time I checked their reviews (very good) but was put off by this: http://danconnor.com/post/50f65364a0fd5fd1f7000001/avoid_startcom_startssl_like_the_plague_.

I'm pretty sure that there was something else too, but it might've been just the fact that they're offering free service, which made me wonder how trustworthy they could be (and how long would browser vendors etc. continue to trust them). Nevertheless, might just give them a try one of these days.

Something like GetSSL would be another option. I guess I could somehow scrape together the $9.95 their standard SSL certificate costs..

bernhard Posted August 19, 2014
i just came over a blog post of a friend of mine and thought that could be interesting for some of you: SSL Certificate Expiry Warning Script

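Two points raised in the thread, the chore of remembering renewals and certificates whose issuer is not in the browser's trust store, can both be covered by one small monitoring check. The following is an added example, not the script from the linked blog post and not code from any poster; the 30-day window, the function names and the sample hosts are assumptions.

```python
import socket
import ssl
from datetime import datetime, timezone

WARN_DAYS = 30  # assumed warning window; not a value from the thread


def days_left(peercert, now=None):
    """Whole days until notAfter in a dict shaped like SSLSocket.getpeercert()."""
    now = now or datetime.now(timezone.utc)
    not_after = ssl.cert_time_to_seconds(peercert["notAfter"])
    return (datetime.fromtimestamp(not_after, tz=timezone.utc) - now).days


def classify(peercert, now=None, warn_days=WARN_DAYS):
    """Return 'expired', 'renew-soon' or 'ok' for one certificate."""
    remaining = days_left(peercert, now)
    if remaining < 0:
        return "expired"
    return "renew-soon" if remaining <= warn_days else "ok"


def check_host(host, port=443, timeout=5.0):
    """Fetch a live certificate, validating it the way a browser would."""
    ctx = ssl.create_default_context()  # system trust store + hostname check
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return classify(tls.getpeercert())
    except ssl.SSLCertVerificationError as exc:
        # Issuer not in the trust store, hostname mismatch, or already expired.
        return "untrusted: " + exc.verify_message
    except OSError as exc:
        return "unreachable: " + str(exc)


if __name__ == "__main__":
    # Constructed sample data, evaluated against a fixed date so it runs offline.
    today = datetime(2014, 8, 19, 12, 0, 0, tzinfo=timezone.utc)
    samples = {
        "shop.example": {"notAfter": "Aug 19 12:00:00 2015 GMT"},
        "blog.example": {"notAfter": "Sep 10 12:00:00 2014 GMT"},
        "old.example": {"notAfter": "Aug 01 12:00:00 2014 GMT"},
    }
    for name, cert in samples.items():
        print(name, days_left(cert, today), classify(cert, today))
```

Run from cron, `check_host` reports a certificate from an untrusted issuer as "untrusted" rather than "ok", which matches what visitors' browsers will show.
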
bernhard Posted February 15, 2015
nice overview on using/switching to ssl: