NetTalk Central

NetTalk Web Server => Web Server - Ask For Help => Topic started by: kevin plummer on November 27, 2007, 12:35:08 AM

Title: WEB SSL Certificates
Post by: kevin plummer on November 27, 2007, 12:35:08 AM

Anyone had any good/bad experience with comodo certificates? What is the difference with normal, pro and premium? They seem a lot cheaper than Thawte. Is Thwate better/easier to use?

Also, can I only run SSL on port 443 or can I run it on any port?

Cheers,

Kevin

Title: Re: WEB SSL Certificates
Post by: Bruce on November 27, 2007, 01:40:17 AM

Robert here says he used one recently with one of our sites, and he's very happy. The system for getting one was slick and seemed to go fine.
Apparently he did the "free" one as a test. It's only valid for 3 months but is working nicely so far.

No idea on the different options - normal, pro etc.

Yes any port should be fine.

cheers
Bruce

Title: Re: WEB SSL Certificates
Post by: kevin plummer on December 13, 2007, 09:28:40 PM

I got a CRT file back from COMODO. My CRT was in the wrong name so they had to change it. I gather the key file generated must match the CRT file? What happens if they don't? When I try to log on it just come up with an error loading page. If I swutch off SSL all works as norma...

Title: Re: WEB SSL Certificates
Post by: Robert Iliuta on August 02, 2010, 01:11:52 AM

Hallo Kevin,

I'm about to buy a SSl certificate. They said that will send me the crt file and key will be generated on the server where the site will be installed. How did you generate this key ? How easy is to implement this with NT?

Also user have to write the full address in the address bar?
ex: https://mydomain.com:881  or is enough mydomain.com  and it will be redirectioned to https://mydomain.com:881 ? If not can this be done in NT?

Thank you for any suggestions,

Robert

Title: Re: WEB SSL Certificates
Post by: Larry Sand on August 02, 2010, 06:26:57 AM

You need to generate a certificate signing request by first making a private key and then the request.  You use the certificate signing request when you purchase your ssl cert from the authority.  To make the private key you can use openssl() like this:

Result = cpRun('openssl.exe','genrsa -out '&privateKeyFilename&' 2048')

And to make the CSR do this:

Result = cpRun('openssl.exe','req -new -days 3650 -key '&privateKeyFilename&' -out '&csrFilename& |
                        ' -config '& CONFIG_FILE &|
                        ' -subj "/C='&Clip(CsrCountry)&   |   !No spaces between the /tag=yada/tag=yada
                        '/ST='&Clip(CsrState)&           |
                        '/L='&Clip(CsrCity)&             |
                        '/O='&Clip(CsrCompanyName)&      |
                        '/CN='&Clip(CsrCommonName)&'"')

if you search you'll find info about the CSR from different vendors.

If your Certificate doesn't exactly match it won't work.

Larry Sand

Title: Re: WEB SSL Certificates
Post by: Robert Iliuta on August 02, 2010, 10:36:49 AM

Thank you Larry for detailed example.
Appreciate.

Robert

Title: Re: WEB SSL Certificates
Post by: rjolda on August 02, 2010, 11:25:20 AM

Hi,
1. You can get a free trial SSL certificate from Comodo.  You can test it out......I think for 1 month.
2. If you join Lindersoft community you may be able to get a SSL certificate cheaper.  It used to be $35.00 to join the Lindersoft community and then get the Comodo Code sign and / or SSL certificate through them.  I got the Code sign through them - it was cheaper. Code Sign itself was a major effort but the help from the NG postings really helped out.  Going through the Identity stuff was a bit or a hassle but that is what their job is!
FWIW,
Ron Jolda