Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




5 posts

Wannabe Geek


Topic # 220279 3-Aug-2017 11:20
Send private message quote this post

Secure Certificates (SSL Certificates) are a must have in e-commerce to keep credit card details safe on the web, but these are now becoming required by Google if you collect any type of information via your website. Makes sense right? Google maintains its market edge by providing the best results and a secure site is becoming part of what makes a good list of website results. In short, if you want your website to rank well in Google you should have an SSL Certificate.

 

Can anyone recommend a New Zealand based Secure Certificate seller that has good service, preferably with phone support.


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
6699 posts

Uber Geek
+1 received by user: 3071

Moderator
Trusted
Subscriber

  Reply # 1836395 3-Aug-2017 11:24
4 people support this post
Send private message quote this post

You don't need NZ based. Just use LetsEncrypt and be done with it. No point adding complexity on something that should be automated and once a SSL certificate is loaded you just need a process to handle renewal (which LetsEncrypt does).





Michael Murphy | https://murfy.nz
Want to be with an epic ISP? Want $20 to join them too? Well, use this link to sign up to BigPipe!
The Router GuideCommunity UniFi Cloud Controller | Ubiquiti Edgerouter Tutorial


13166 posts

Uber Geek
+1 received by user: 2191

Trusted
Subscriber

  Reply # 1836396 3-Aug-2017 11:24
Send private message quote this post

Why do you need an NZ based reseller or phone support? Just use a free Let's Encrypt certificate, unless you need identity verification for e-commerce.





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer


 
 
 
 


11 posts

Geek
+1 received by user: 2


  Reply # 1836398 3-Aug-2017 11:26
One person supports this post
Send private message quote this post

Honestly, if you can, I'd recommend using Lets Encrypt (https://letsencrypt.org/) over any of the commercial Certificate Authorities.  It's free and automated.  


14678 posts

Uber Geek
+1 received by user: 3700

Trusted
Subscriber

  Reply # 1836458 3-Aug-2017 11:49
2 people support this post
Send private message quote this post

If you do want a commercial one, SSL2BUY has been awesome in the past 5 years we have used them.


2055 posts

Uber Geek
+1 received by user: 613

Subscriber

  Reply # 1836482 3-Aug-2017 12:11
3 people support this post
Send private message quote this post

Used Digicert and always been happy with them. I see they have just purchased Symantecs certificate business too.


IcI

460 posts

Ultimate Geek
+1 received by user: 101

Trusted

  Reply # 1836518 3-Aug-2017 12:57
Send private message quote this post

michaelmurfy: You don't need NZ based. Just use LetsEncrypt and be done with it. No point adding complexity on something that should be automated and once a SSL certificate is loaded you just need a process to handle renewal (which LetsEncrypt does). 

 

timmmay: Why do you need an NZ based reseller or phone support? Just use a free Let's Encrypt certificate, unless you need identity verification for e-commerce. 

 

baplaski: Honestly, if you can, I'd recommend using Lets Encrypt (https://letsencrypt.org/) over any of the commercial Certificate Authorities.  It's free and automated.

 

Sorry, but Letsencrypt is not the solution to every problem. Does catchlight need a certificate that is valid for longer than 90 days? Must the certificate be a domain validated cert or must it have extended validation? Does he run his own web server or does he have a hosted solution? If he is using his own web server, is he running IIS? Initially, Letsencrypt did not support IIS.

 

Let's get catchlight to provide more context so that we can answer with something applicable. Especially as SSL certificate DO NOT keep credit card data safe. SSL certificates encrypt the traffic between the browser and the server. That does not mean the CC data is stored securely in the DB or cached securely on the web server. Other solutions are required for that.

 

catchlight could mint his/her own SSL certificate and does not need to buy one. That would also give him/her a valid SSL certificate. It just wouldn't be trusted by major browsers.


13166 posts

Uber Geek
+1 received by user: 2191

Trusted
Subscriber

  Reply # 1836529 3-Aug-2017 13:10
Send private message quote this post

IcI:

 

 

 

Sorry, but Letsencrypt is not the solution to every problem. Does catchlight need a certificate that is valid for longer than 90 days? Must the certificate be a domain validated cert or must it have extended validation? Does he run his own web server or does he have a hosted solution? If he is using his own web server, is he running IIS? Initially, Letsencrypt did not support IIS.

 

Let's get catchlight to provide more context so that we can answer with something applicable. Especially as SSL certificate DO NOT keep credit card data safe. SSL certificates encrypt the traffic between the browser and the server. That does not mean the CC data is stored securely in the DB or cached securely on the web server. Other solutions are required for that.

 

catchlight could mint his/her own SSL certificate and does not need to buy one. That would also give him/her a valid SSL certificate. It just wouldn't be trusted by major browsers.

 

 

That's all true, but for many common scenarios it's a good choice. 





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer




5 posts

Wannabe Geek


  Reply # 1836531 3-Aug-2017 13:14
Send private message quote this post

Thanks all for your replies. If it was just a personal website, I would probably go with Let's Encrypt, but even then the 90-day renewal thing seems like a bit of a pain. Though it sounds like it can be automated??

 

I'm looking to buy SSL Certificates for my website clients and was after a good service for doing this here in NZ. Correct, they'll probably just buy them from the US anyway, but I was after good service at a reasonable cost. By good service, I mean people who are accessable and knowledgeable enough to help out when if get stuck. :) 

 

 

 

 


25459 posts

Uber Geek
+1 received by user: 5269

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 1836538 3-Aug-2017 13:24
One person supports this post
Send private message quote this post

Buying NZ based offers no benefits - and considering there isn't really much in the way of "service" it's very hard to differentiate between the thousands of resellers out there now except on price.

 

Letsencrypt is fine for personal, but when the going price of a cert us US$5 per year you don't need to bother with renewals if you just get 3yr certs.

 

 

 

 

 

 


53 posts

Master Geek
+1 received by user: 1


  Reply # 1836541 3-Aug-2017 13:26
One person supports this post
Send private message quote this post

I'd have to agree with the previous posts. We have been using the Let's Encrypt services for over a year now without any trouble. 

 

Many online services now use them for free certificates too - for example, the free certificates from SquareSpace come from Let's Encrypt. 

 

Amazon also give out free certificates with their services. 

 

I do notice that you mention that you'd like phone support. They will likely mean you'll need to pay a little more. We've used NameCheap and RapidSSLOnline, and they have (US) phone numbers listed. Perhaps give them a call and see how helpful they are?

 

 


13230 posts

Uber Geek
+1 received by user: 1564


  Reply # 1836545 3-Aug-2017 13:30
One person supports this post
Send private message quote this post

Or just buy one from your web host. You hardly need phone support too, you just get the host to install it. If it is shared hosting you may need to lease a dedicated IP as well, plus often there is an install cost too.


13230 posts

Uber Geek
+1 received by user: 1564


  Reply # 1836547 3-Aug-2017 13:31
Send private message quote this post

nigelramsay:

 

 

 

 Perhaps give them a call and see how helpful they are?

 

 

 

 

 

 

Getting the sense of a bit of sarcasm there :) Many providers from my experience will just have front line staff manning the phones that have little technical knowledge. SO it is often a waste of time even having phone support, that is if you can get through and are not on hold for ages.


53 posts

Master Geek
+1 received by user: 1


  Reply # 1836584 3-Aug-2017 14:12
Send private message quote this post

No sarcasm intended.

 

As I said, just give them a call and see what they're like. International calls these days are so close to free, there's nothing really to be lost. 

 

They always seem dead keen to chat when the certificates are due to be renewed. 


BDFL - Memuneh
58932 posts

Uber Geek
+1 received by user: 10298

Administrator
Trusted
Geekzone
Subscriber

  Reply # 1836598 3-Aug-2017 14:32
3 people support this post
Send private message quote this post

Good advice on needing more information. For the sake of brevity though, if you don't need wildcard certificates (this is currently not available on Let's Encrypt but coming early 2018) then SSL2BUY is hard to beat. Or if you're talking about a public domain then you have the option of placing it behind Cloudflare and use their free certificates. 

 

Either way, as mentioned, SSL is only used to encrypt data in transit between the browser and the server. It doesn't guarantee data is safely stored or managed after it arrives on the server.







5 posts

Wannabe Geek


Reply # 1836738 3-Aug-2017 17:17
Send private message quote this post

Thanks Geekzoners! Some really helpful responses here. I'll investigate all these options further. 


 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Vodafone TV — television in the cloud
Posted 17-Oct-2017 19:29


Nokia 8 review: Classy midrange pure Android phone
Posted 16-Oct-2017 07:27


Why carriers might want to embrace Commerce Commission study, MVNOs
Posted 13-Oct-2017 09:42


Fitbit launches Ionic, its health and fitness smartwatch
Posted 12-Oct-2017 15:52


Xero launches machine learning automation to improve coding accuracy for small businesses
Posted 12-Oct-2017 15:45


Bank of New Zealand uses Intel AI to detect financial crime
Posted 12-Oct-2017 15:39


Sony launches Xperia XZ1, a smartphone with real-time 3D capture
Posted 11-Oct-2017 10:26


Notes on Nokia’s phone comeback
Posted 10-Oct-2017 10:06


Air New Zealand begins Inflight Wi-Fi rollout
Posted 9-Oct-2017 20:16


The latest mobile phones in perspective
Posted 9-Oct-2017 18:34


Review: Acronis True Image 2018 — serious backup
Posted 8-Oct-2017 11:22


Lenovo launches ThinkPad Anniversary Edition 25
Posted 7-Oct-2017 23:16


Less fone, more tech as Vodafone gets brand make-over
Posted 6-Oct-2017 08:16


API Talent Achieves AWS MSP Partner Status
Posted 5-Oct-2017 21:20


Stellar Consulting Group now a Domo Partner
Posted 5-Oct-2017 21:03



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.