SSL Certificates
-
@BRRABill said in SSL Certificates:
That might work for my other stuff, though.
If I can do DOMAIN.COM and then
vpn.domain.com
mail.domain.com
iDRAC.domain.comto fill all my certificate needs
Why would you do domain.com? That's not a real service is it? it's generally better off being a redirector to a real service like www.domain.com.
-
@BRRABill Yeah. Last time we updated at work I paid a little extra for a wildcard cert. So *.domain.com, it's all valid for the one cert.
For my personal server, I just run Let's Encrypt.
-
@travisdh1 said in SSL Certificates:
@BRRABill Yeah. Last time we updated at work I paid a little extra for a wildcard cert. So *.domain.com, it's all valid for the one cert.
For my personal server, I just run Let's Encrypt.
How much is a little? The last time I looked (it's been many years) a wildcard cert was 5X the cost of a normal cert, maybe more.
-
@Dashrender said in SSL Certificates:
@travisdh1 said in SSL Certificates:
@BRRABill Yeah. Last time we updated at work I paid a little extra for a wildcard cert. So *.domain.com, it's all valid for the one cert.
For my personal server, I just run Let's Encrypt.
How much is a little? The last time I looked (it's been many years) a wildcard cert was 5X the cost of a normal cert, maybe more.
You can pickup a Comodo cert for $94/year. Looks like today's pricing has majorly changed since the last time I bought a cert, single site certs for $9. Let's Encrypt is having a real nice effect on the market!
-
@Dashrender said
Why would you do domain.com? That's not a real service is it? it's generally better off being a redirector to a real service like www.domain.com.
That was an example.
Even after yesterday I still seem to be afraid to post real details online!
vpn.brrabillisafraidoftheinternet.com
mail.brrabillisafraidoftheinternet.com
iDRAC.brrabillisafraidoftheinternet.com -
For me it wasn't so much the cost as wondering of there was a better way than what I was doing.
Part optimization, part learning what else might be out there.
-
@BRRABill said in SSL Certificates:
@Dashrender said
Why would you do domain.com? That's not a real service is it? it's generally better off being a redirector to a real service like www.domain.com.
That was an example.
Even after yesterday I still seem to be afraid to post real details online!
vpn.brrabillisafraidoftheinternet.com
mail.brrabillisafraidoftheinternet.com
iDRAC.brrabillisafraidoftheinternet.comLOL - if the host name is in DNS - then your non posting of the real links here is doesn't gain you anything.
Google undoubtedly is looking through all of the newly registered domains daily (or rather minutely). Then Google looks to see if those domains have DNS entries, if they do, they then query every record it can in DNS. Then I bet it attempts to connect to at least the root of every record listed there, then starts the spidering.
The main reason to not post your real domain is to keep script kiddies who peruse forums like these for things to attack just because you were talking about it.
-
Look I wouldn't make fun of everyone's else fears.
Seriously, just kidding. I'm learning. That's the best part about ML, not just teaching, but also breaking down dumb ideas people hold on to.
-
Well you helped break one wide open on me today - that spiders can't just call web servers anywhere they wanna go.
-
@travisdh1 said
You can pickup a Comodo cert for $94/year. Looks like today's pricing has majorly changed since the last time I bought a cert, single site certs for $9. Let's Encrypt is having a real nice effect on the market!
Where did you see $9?
On Comodo the cheapest I see is $76.95.
Or did you mean elsewhere?
-
@BRRABill said in SSL Certificates:
@travisdh1 said
You can pickup a Comodo cert for $94/year. Looks like today's pricing has majorly changed since the last time I bought a cert, single site certs for $9. Let's Encrypt is having a real nice effect on the market!
Where did you see $9?
On Comodo the cheapest I see is $76.95.
Or did you mean elsewhere?
You have to look elsewhere. I forget where exactly I saw that price, but it wasn't direct.
-
-
-
@aaronstuder said in SSL Certificates:
Thanks for this.
My $70 a year GoDaddy cert was up. I bought the same type of cert from SSLS.COM for $15 for 3 years. TOTAL.
That is exactly the kind of information I was looking for.
More money saved on ML. AWESOME.
And in the process learned a lot of certificates and domain validation.
-
@BRRABill said in SSL Certificates:
@aaronstuder said in SSL Certificates:
Thanks for this.
My $70 a year GoDaddy cert was up. I bought the same type of cert from SSLS.COM for $15 for 3 years. TOTAL.
That is exactly the kind of information I was looking for.
More money saved on ML. AWESOME.
And in the process learned a lot of certificates and domain validation.
Nice!
-
I did come up with a question in all of this.
Not doing any real "business" online, I never really had a need for us to validate who we were.
But obviously, that is important to a company doing business online.
However, does anyone ever really check that stuff? I can say I don't think I've ever taken the time to validate a certificate was the physical address and stuff I thought it was supposed to be.
-
@BRRABill said in SSL Certificates:
I did come up with a question in all of this.
Not doing any real "business" online, I never really had a need for us to validate who we were.
But obviously, that is important to a company doing business online.
However, does anyone ever really check that stuff? I can say I don't think I've ever taken the time to validate a certificate was the physical address and stuff I thought it was supposed to be.
I do check them before I'll use a website for the first time. Outside of that, not much.
-
@travisdh1 said
I do check them before I'll use a website for the first time. Outside of that, not much.
I was like, yeah that makes sense, yeah, of course. And then realized I had never done it.
-
I still can't get over it was only $5 a year. LOL.
-
Some of the SSL folks do verify information. We actually had our SSL Certificate denied once because our Address on file with the SSL site at the time still had an old street name on it... Of course, all it took was an edit to fix that, but still...