Thursday, March 02, 2006

Low cost and free SSL certificates

If you are standing up an OWA server or a simple Web server to the Internet, you probably don't want to pay a couple of hundred dollars a year for an SSL certificate. Servers such as company intranet/extranet servers, mail servers, etc... don't need the same level of liability and assurance as Verisign and Thawte provide. A lot of reasonably priced CAs have emerged over the years. Most of these have very high browser recognition, so no warnings on the client side about an "untrusted" CA (ceritificate authority.)
  • GoDaddy sells their Turbo SSL cert for as little as $15.96 per year (for 10 years) - http://www.godaddy.com - I have used GoDaddy a number of times over the last few months and the are pretty easy to work with and have good telephone support.
  • Instant SSL / Comodo as low as $33 per year (for 3 years) - http://www.instantssl.com
  • Rapid SSL has certs starting at $69.00 per year - http://www.rapidssl.com

If you just need a certificate for testing, check out StartCom Free SSL (http://cert.startcom.org) for a freebie SSL certificate. Right now, though, the cert is untrusted, so your browser clients need to download their certificate server's certificate in order to keep from getting the warning message about an untrusted CA.

If anyone knows of some other good cheap/free CA's, let me know and I'll add them to the post.

3 Comments:

At 10:19 PM, Blogger Chosun_1 said...

Here's another: http://www.cacert.org

 
At 2:15 AM, Blogger Ian said...

Do some of the cheap SSL certs, such as the GoDaddy ones, work OK for the purposes of Exchange SP2 Push Email? Only I have read that the cheaper certs are not recognised by the browsers on smart phones or other mobile devices - but I am hoping this is just because the browsers on mobile devices are rubbish, and for Activesync, it will recognise any SSL cert, cheap or not.

 
At 8:18 AM, Blogger oliver said...

Low Cost SSL Certificates and Free SSL certificates have recently seen a boom in usage, particularly among smaller sites, who cannot afford SSL certificates from the likes of Thawte or Verisign. This allows their users to show they care and consider the security and protection of their data.

 

Post a Comment

<< Home