WEB SSL Certificates

[kevin plummer]

Anyone had any good/bad experience with comodo certificates? What is the difference with normal, pro and premium? They seem a lot cheaper than Thawte. Is Thwate better/easier to use?

Also, can I only run SSL on port 443 or can I run it on any port?

Cheers,

Kevin

[Bruce]

Robert here says he used one recently with one of our sites, and he's very happy. The system for getting one was slick and seemed to go fine.
Apparently he did the "free" one as a test. It's only valid for 3 months but is working nicely so far.

No idea on the different options - normal, pro etc.

Yes any port should be fine.

cheers
Bruce

[kevin plummer]

I got a CRT file back from COMODO. My CRT was in the wrong name so they had to change it. I gather the key file generated must match the CRT file? What happens if they don't? When I try to log on it just come up with an error loading page. If I swutch off SSL all works as norma...

[Robert Iliuta]

Hallo Kevin,

I'm about to buy a SSl certificate. They said that will send me the crt file and key will be generated on the server where the site will be installed. How did you generate this key ? How easy is to implement this with NT?

Also user have to write the full address in the address bar?
ex: https://mydomain.com:881  or is enough mydomain.com  and it will be redirectioned to https://mydomain.com:881 ? If not can this be done in NT?

Thank you for any suggestions,

Robert

[Larry Sand]

You need to generate a certificate signing request by first making a private key and then the request.  You use the certificate signing request when you purchase your ssl cert from the authority.  To make the private key you can use openssl() like this:

Result = cpRun('openssl.exe','genrsa -out '&privateKeyFilename&' 2048')

And to make the CSR do this:

Result = cpRun('openssl.exe','req -new -days 3650 -key '&privateKeyFilename&' -out '&csrFilename& |
                        ' -config '& CONFIG_FILE &|
                        ' -subj "/C='&Clip(CsrCountry)&   |   !No spaces between the /tag=yada/tag=yada
                        '/ST='&Clip(CsrState)&           |
                        '/L='&Clip(CsrCity)&             |
                        '/O='&Clip(CsrCompanyName)&      |
                        '/CN='&Clip(CsrCommonName)&'"')

if you search you'll find info about the CSR from different vendors.

If your Certificate doesn't exactly match it won't work.

Larry Sand

[Robert Iliuta]

Thank you Larry for detailed example.
Appreciate.

Robert

[rjolda]

Hi,
1. You can get a free trial SSL certificate from Comodo.  You can test it out......I think for 1 month.
2. If you join Lindersoft community you may be able to get a SSL certificate cheaper.  It used to be $35.00 to join the Lindersoft community and then get the Comodo Code sign and / or SSL certificate through them.  I got the Code sign through them - it was cheaper. Code Sign itself was a major effort but the help from the NG postings really helped out.  Going through the Identity stuff was a bit or a hassle but that is what their job is!
FWIW,
Ron Jolda