Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


1101

3122 posts

Uber Geek


#171978 7-May-2015 15:03
Send private message

Hi There

Im looking into SSL cert pricing , just a basic cert for Outlook Anywhere, OWA etc
I dont want certs that have to be manually installed.

The pricing seem all over the place. Some prices seem too low to be true, with reseller pricing starting at $5
Godaddy $90

Rapid SSl seems cheap , $32 ($11 if you are a reseller),
https://www.trustico.co.nz/dv/rapidssl/cheap-rapidssl-certificate.php
 
and some other resellers offer SSL certs from $5 for a Comodo  SSL. Whats the catch, seems too cheap.
https://www.ssls.com/domain-only.html

Would these cheap certs cause issues with not being fully trusted, as is ?
I dont want certs that have to be manually installed.

The naming of these certs is confusing, Positve SSL, Rapid SSL, Quick SSL
Which would I require , just for OWA Outlook anywhere etc. Do I need any more than the most basic of SSL cert ?

Any advice would be appreciated.
In the past I just went to digicert etc & paid there comparatively high pricing (starting at $155)

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
slingynz
154 posts

Master Geek


  #1299944 7-May-2015 15:28
Send private message

normally need a SAN cert because you will have multiple subdomains & servers.



freitasm
BDFL - Memuneh
79250 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #1299947 7-May-2015 15:33
Send private message

The annoying thing is that you go to some of these cert companies and they have as you noticed confusing names that don't help. 

Then you have things like RapidSSL certificates, which is a Geotrust company, which is part of Verisign, which is now part of Symantec. So why do they have to have dozens of different names for the same product?






Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


  #1299949 7-May-2015 15:36
Send private message

If it's just for an HTTPS website, then you can get free ones from StartSSL.
Ultimately, a certificate is only as secure as the site that it is hosting, so there's no point spending lots of money on a certificate, as an expensive certificate doesn't provide a more secure connection.



timmmay
20574 posts

Uber Geek

Trusted
Lifetime subscriber

  #1299956 7-May-2015 15:41
Send private message

Can you clarify what you're trying to achieve - encrypted email for your client, or providing say OWA over an SSL connection? Cloudflare provides free automatic SSL if you can tolerate its limitations, which are minor for many.

1101

3122 posts

Uber Geek


  #1300001 7-May-2015 16:20
Send private message

Outlook Anywhere (Outlook via RPC over HTTP) wont work with self signed certs


So a need a SSL cert , just for OWA & Outlook anywhere.
single domain name, dont need a wildcard cert.
I dont want to have to muck about trying to install untrusted certs on PC's & I dont think that works any more for Outlook Anywhere .

ajobbins
5052 posts

Uber Geek

Trusted

  #1300019 7-May-2015 16:54
Send private message

I use a heap of free certs from StartSSL. All work fine, but are single domain only




Twitter: ajobbins


MadEngineer
4271 posts

Uber Geek

Trusted

  #1300031 7-May-2015 17:02
Send private message

Wait, certificates you don't have to manually install? Is that like it comes with a trusted monkey that does the device export for you?




You're not on Atlantis anymore, Duncan Idaho.

 
 
 

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.
nathan
5695 posts

Uber Geek
Inactive user


  #1300070 7-May-2015 18:44
Send private message

1101: Outlook Anywhere (Outlook via RPC over HTTP) wont work with self signed certs


So a need a SSL cert , just for OWA & Outlook anywhere.
single domain name, dont need a wildcard cert.
I dont want to have to muck about trying to install untrusted certs on PC's & I dont think that works any more for Outlook Anywhere .


it can be made to work with self signed

but what's the point.  SAN certs are very low cost these days

you'd only go down the self signed path path if time did not equal money and you were stupid.

Inphinity
2780 posts

Uber Geek


  #1300071 7-May-2015 18:45
Send private message

MadEngineer: Wait, certificates you don't have to manually install? Is that like it comes with a trusted monkey that does the device export for you?


An SSL cert whose root authority is trusted by the client already (assuming the path is correct blah blah), won't need to be specifically installed on the client device. Google don't send a tech - sorry, trusted monkey - around to everyone's house to install their certs on all your devices when they renew them...

Dynamic
3866 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #1300079 7-May-2015 19:11
Send private message

We use the trustico rapidssl certificates in a large range of server situations and have had zero issues. Not seen StartSSL before now.




“Don't believe anything you read on the net. Except this. Well, including this, I suppose.” Douglas Adams

 

Referral links to services I use, really like, and may be rewarded if you sign up:
PocketSmith for budgeting and personal finance management.  A great Kiwi company.


jnimmo
1097 posts

Uber Geek


  #1300227 7-May-2015 22:02
Send private message

Grab a RapidSSL cert from ssls.com for 3 years or something.. $27 USD, maybe even get away with the slightly cheaper PositiveSSL from Comodo there but possibly slightly less recognition.
1 year is a pain :)
Use SHA-256 or the key instead of SHA-1 if you don't want Google Chrome popping up warnings

MadEngineer
4271 posts

Uber Geek

Trusted

  #1300250 7-May-2015 22:11
Send private message

Inphinity:
MadEngineer: Wait, certificates you don't have to manually install? Is that like it comes with a trusted monkey that does the device export for you?


An SSL cert whose root authority is trusted by the client already (assuming the path is correct blah blah), won't need to be specifically installed on the client device. Google don't send a tech - sorry, trusted monkey - around to everyone's house to install their certs on all your devices when they renew them...
ah I was referring to the manual install comment but I get what he means now :)  (manual install on the visitors browser rather than on your server. setting up a cert on your server is still a manual process)




You're not on Atlantis anymore, Duncan Idaho.

Quacko
21 posts

Geek


  #1300270 7-May-2015 22:40
Send private message

I recommend DigiCert www.digicert.com


They are a step above the super-cheap/free certs, on par with those you would get from Thawte or Verisign, but cheaper.

CapBBeard
211 posts

Master Geek


  #1300278 7-May-2015 22:57
Send private message

Sidenote on SSL deployment, I'd recommend verifying your installation with something like https://www.ssllabs.com/ssltest/

T
his will show up any areas for strengthening or where configuration could be enhanced. A couple of little tweaks can make a massive difference.

Regs
4066 posts

Uber Geek

Trusted
Snowflake

  #1300281 7-May-2015 23:01
Send private message

I believe that much of the price difference comes in the sort of insurance you get with the cert.  If you're running an online ecommerce site, or storing peoples PII, then you probably want to pay for the ones with extra protection.  You may not need that insurance though, so the cheap ones will usually work fine - but some don't have trusted roots across all devices




 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00


eero Pro 7 Review
Posted 23-Jul-2025 12:07


BeeStation Plus Review
Posted 21-Jul-2025 14:21


eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01


WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32


RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26


Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24


Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05


Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01


Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01


Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22


Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46


Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42


D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34


Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.