On Mon, 24 Jul 2000, Michael Beaucourt wrote:
> Hi,
>
> I'm working on a Redhat Linux 6.1 system (soon 6.2) and I am relatively
> new to SSL. But I will need the technology in the near future for an
> e-commerce solution. Now, after reading some stuff I understand you need
> to buy a server certificate. I have visited some sites like thawte.com
> and verisign.com but find their prices very high.
> Now, what I am wondering:
>
> 1. Are there free certificates somewhere?
You can make your own self-signed root ca certificate and import
it in your and others browsers.
> 2. Does higher price mean a better certificate? Or why are the prices
> sometimes so high?
For certificates you buy, the "root certificate" is already there
in your browser so your client can connect with SSL transparently.
I heard that putting your root certificate in a browser costs
a lot lot of money. Can someone verify/provide links on this procedure?
Also, the CA that signs your certificate needs to pay money for
fancy security measures that will give you confidence. Confidence that
their private key will remain secret and noone
will be able to decrypt the communications of your clients.
simos
http://ospkibook.sourceforge.net (new version out, 2.4.7)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
