I don't understand OpenSSL. I am using a RaQ4i and my I've just had OpenSSL installed, but now I understand I STILL need to go out an buy a cert from someone like Verisign. I thought OpenSSL was free. :bawling:

The software is free, but you must buy a certificate to help ensure authorizations.....


You pay for the cert. to have verisign to look at it and confirm the encryption algorithm is fine. Once they do that, they sign it and your secure, if security isn't a big thing to you, you can sign your own cert. but the users will get a popup saying that you signed it...

Thanks.

So if I buy the $68 Equifax cert, will my hosting customers be able to use it for their shopping cart pages, etc. via something like https://www.hostingdomain.com/hostingcustomer/customercart.html ????

I know a wildcard cert would probably be better. I just can't afford the $500 fee right now.

I wouldn't buy the equifax cert, its 98% compared to others which are 99% recognizable.

Verisign is obviously a rip off, and the cheapest brand name is Thawte, which is a like 56bit for 125$ or something.

But now Tucows is selling 128bit certs for only 99$ (find someone who is reselling) and buy one for like 125$, save you like 250$+ on a 128bit cert.

If you are a Tucows reseller you can get their SSL totally free if you able to sell 10 domains year in a month.

at first you have to pay $99 for the cert. The $99 will rebate to your reseller account after you resell 10 domain years in amonth. More details here:

https://certs.tucows.com/promo.html


we are waiting for the rebate.

:)

Okay. Thanks again. So now I am trying to remove the OpenSSL stuff from my RaQ4i which was obviously not needed at all, so I can go back to generating a request and inputing a manual key via the control panel. So I removed the part of the httpd.conf that the OpenSSL install guy added to make it work, but now when I try to generate a self-signed cert and install it via the RaQ4i SSL stuff via the control panel, Netscape will just sit there and think (when I try https://www.domain.com), instead of going through its parade of New Certificate screens.

At this point I just want to go get the Thwate cert and be done with it.

Any ideas about any of this?

Thanks,
Joe