Results 1 to 3 of 3
  1. #1
    Join Date
    Jan 2005

    openssl or ssl certitficate ?

    what are difference between ssl certificate and openssl ? if we can make openssl like a ssl certificate then we dont have to to buy it !!!??..i am kind of confusing about this. Anyone have experience with it ? thanks

  2. #2
    Join Date
    Sep 2002
    Top Secret
    Openssl is a protocol, it's a module on your server. yes, you CAN generate SSL certificates, HOWEVER, those certificates will pop up warnings in the user's browser saying they are "self signed". In other words, the browser doesn't trust the signing agency, and neither should the user.

    To buy a cert or not? That depends on the arena you're looking for. Usually, the answer to this is yes, ESPECIALLY if you're dealing with a billing or helpdesk area which CAN contain private information.
    WHMCS Guru - WHMCS addons, management, support and more.
    WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to WHMCS !!
    Linux Problems? WHMCS Issues? +1-866-546-8914 (linux-14) or @whmcsguru on twitter!

  3. #3
    Join Date
    Dec 2004
    Asymetric encryption (as SSL is) is based around the premise that each user has a keyring with trust attached to each key. When you purchase a key from a reputable provider, they sign it with their own key. The provider's key is distributed with your browser with trust automatically granted to it, so that you don't get security warnings when you view sites using that key. If you generate your own SSL keys and self-sign them, there is no trust attached to your key by the browser, and thus your users will get security warnings when they view your site.

    The encryption is just as strong, but one of the purposes of public-key cryptography is to create a trust network which can help ensure that the entity you're communicating with is one that you trust your information to. By creating signing authorities that verify identities and the like, and having only those keys trusted automatically, some credibility is gained. Your own keys will not be signed by a reputably authority, so there is no guarantee that you are who you say you are, and etc. If you're not dealing with the general public, a self-signed key is fine. If you expect people to give you their credit card information or some such, it's absolutely required.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts