Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




5 posts

Wannabe Geek


Topic # 220279 3-Aug-2017 11:20
Send private message

Secure Certificates (SSL Certificates) are a must have in e-commerce to keep credit card details safe on the web, but these are now becoming required by Google if you collect any type of information via your website. Makes sense right? Google maintains its market edge by providing the best results and a secure site is becoming part of what makes a good list of website results. In short, if you want your website to rank well in Google you should have an SSL Certificate.

 

Can anyone recommend a New Zealand based Secure Certificate seller that has good service, preferably with phone support.


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
Meow
7094 posts

Uber Geek
+1 received by user: 3327

Moderator
Trusted
Lifetime subscriber

  Reply # 1836395 3-Aug-2017 11:24
4 people support this post
Send private message

You don't need NZ based. Just use LetsEncrypt and be done with it. No point adding complexity on something that should be automated and once a SSL certificate is loaded you just need a process to handle renewal (which LetsEncrypt does).





13553 posts

Uber Geek
+1 received by user: 2321

Trusted
Subscriber

  Reply # 1836396 3-Aug-2017 11:24
Send private message

Why do you need an NZ based reseller or phone support? Just use a free Let's Encrypt certificate, unless you need identity verification for e-commerce.





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer


 
 
 
 


12 posts

Geek
+1 received by user: 2


  Reply # 1836398 3-Aug-2017 11:26
One person supports this post
Send private message

Honestly, if you can, I'd recommend using Lets Encrypt (https://letsencrypt.org/) over any of the commercial Certificate Authorities.  It's free and automated.  


15772 posts

Uber Geek
+1 received by user: 4283

Trusted
Lifetime subscriber

  Reply # 1836458 3-Aug-2017 11:49
2 people support this post
Send private message

If you do want a commercial one, SSL2BUY has been awesome in the past 5 years we have used them.


2119 posts

Uber Geek
+1 received by user: 629

Subscriber

  Reply # 1836482 3-Aug-2017 12:11
3 people support this post
Send private message

Used Digicert and always been happy with them. I see they have just purchased Symantecs certificate business too.


IcI

605 posts

Ultimate Geek
+1 received by user: 135

Trusted

  Reply # 1836518 3-Aug-2017 12:57
Send private message

michaelmurfy: You don't need NZ based. Just use LetsEncrypt and be done with it. No point adding complexity on something that should be automated and once a SSL certificate is loaded you just need a process to handle renewal (which LetsEncrypt does). 

 

timmmay: Why do you need an NZ based reseller or phone support? Just use a free Let's Encrypt certificate, unless you need identity verification for e-commerce. 

 

baplaski: Honestly, if you can, I'd recommend using Lets Encrypt (https://letsencrypt.org/) over any of the commercial Certificate Authorities.  It's free and automated.

 

Sorry, but Letsencrypt is not the solution to every problem. Does catchlight need a certificate that is valid for longer than 90 days? Must the certificate be a domain validated cert or must it have extended validation? Does he run his own web server or does he have a hosted solution? If he is using his own web server, is he running IIS? Initially, Letsencrypt did not support IIS.

 

Let's get catchlight to provide more context so that we can answer with something applicable. Especially as SSL certificate DO NOT keep credit card data safe. SSL certificates encrypt the traffic between the browser and the server. That does not mean the CC data is stored securely in the DB or cached securely on the web server. Other solutions are required for that.

 

catchlight could mint his/her own SSL certificate and does not need to buy one. That would also give him/her a valid SSL certificate. It just wouldn't be trusted by major browsers.


13553 posts

Uber Geek
+1 received by user: 2321

Trusted
Subscriber

  Reply # 1836529 3-Aug-2017 13:10
Send private message

IcI:

 

 

 

Sorry, but Letsencrypt is not the solution to every problem. Does catchlight need a certificate that is valid for longer than 90 days? Must the certificate be a domain validated cert or must it have extended validation? Does he run his own web server or does he have a hosted solution? If he is using his own web server, is he running IIS? Initially, Letsencrypt did not support IIS.

 

Let's get catchlight to provide more context so that we can answer with something applicable. Especially as SSL certificate DO NOT keep credit card data safe. SSL certificates encrypt the traffic between the browser and the server. That does not mean the CC data is stored securely in the DB or cached securely on the web server. Other solutions are required for that.

 

catchlight could mint his/her own SSL certificate and does not need to buy one. That would also give him/her a valid SSL certificate. It just wouldn't be trusted by major browsers.

 

 

That's all true, but for many common scenarios it's a good choice. 





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer




5 posts

Wannabe Geek


  Reply # 1836531 3-Aug-2017 13:14
Send private message

Thanks all for your replies. If it was just a personal website, I would probably go with Let's Encrypt, but even then the 90-day renewal thing seems like a bit of a pain. Though it sounds like it can be automated??

 

I'm looking to buy SSL Certificates for my website clients and was after a good service for doing this here in NZ. Correct, they'll probably just buy them from the US anyway, but I was after good service at a reasonable cost. By good service, I mean people who are accessable and knowledgeable enough to help out when if get stuck. :) 

 

 

 

 


25952 posts

Uber Geek
+1 received by user: 5636

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 1836538 3-Aug-2017 13:24
One person supports this post
Send private message

Buying NZ based offers no benefits - and considering there isn't really much in the way of "service" it's very hard to differentiate between the thousands of resellers out there now except on price.

 

Letsencrypt is fine for personal, but when the going price of a cert us US$5 per year you don't need to bother with renewals if you just get 3yr certs.

 

 

 

 

 

 


53 posts

Master Geek
+1 received by user: 1


  Reply # 1836541 3-Aug-2017 13:26
One person supports this post
Send private message

I'd have to agree with the previous posts. We have been using the Let's Encrypt services for over a year now without any trouble. 

 

Many online services now use them for free certificates too - for example, the free certificates from SquareSpace come from Let's Encrypt. 

 

Amazon also give out free certificates with their services. 

 

I do notice that you mention that you'd like phone support. They will likely mean you'll need to pay a little more. We've used NameCheap and RapidSSLOnline, and they have (US) phone numbers listed. Perhaps give them a call and see how helpful they are?

 

 


13537 posts

Uber Geek
+1 received by user: 1648


  Reply # 1836545 3-Aug-2017 13:30
One person supports this post
Send private message

Or just buy one from your web host. You hardly need phone support too, you just get the host to install it. If it is shared hosting you may need to lease a dedicated IP as well, plus often there is an install cost too.


13537 posts

Uber Geek
+1 received by user: 1648


  Reply # 1836547 3-Aug-2017 13:31
Send private message

nigelramsay:

 

 

 

 Perhaps give them a call and see how helpful they are?

 

 

 

 

 

 

Getting the sense of a bit of sarcasm there :) Many providers from my experience will just have front line staff manning the phones that have little technical knowledge. SO it is often a waste of time even having phone support, that is if you can get through and are not on hold for ages.


53 posts

Master Geek
+1 received by user: 1


  Reply # 1836584 3-Aug-2017 14:12
Send private message

No sarcasm intended.

 

As I said, just give them a call and see what they're like. International calls these days are so close to free, there's nothing really to be lost. 

 

They always seem dead keen to chat when the certificates are due to be renewed. 


BDFL - Memuneh
59608 posts

Uber Geek
+1 received by user: 10777

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1836598 3-Aug-2017 14:32
3 people support this post
Send private message

Good advice on needing more information. For the sake of brevity though, if you don't need wildcard certificates (this is currently not available on Let's Encrypt but coming early 2018) then SSL2BUY is hard to beat. Or if you're talking about a public domain then you have the option of placing it behind Cloudflare and use their free certificates. 

 

Either way, as mentioned, SSL is only used to encrypt data in transit between the browser and the server. It doesn't guarantee data is safely stored or managed after it arrives on the server.







5 posts

Wannabe Geek


Reply # 1836738 3-Aug-2017 17:17
Send private message

Thanks Geekzoners! Some really helpful responses here. I'll investigate all these options further. 


 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

CPTPP text and National Interest Analysis released for public scrutiny
Posted 21-Feb-2018 19:43


Foodstuffs to trial digitised shopping trolleys
Posted 21-Feb-2018 18:27


2018: The year of zero-login, smart cars & the biometrics of things
Posted 21-Feb-2018 18:25


Intel reimagines data centre storage with new 3D NAND SSDs
Posted 16-Feb-2018 15:21


Ground-breaking business programme begins in Hamilton
Posted 16-Feb-2018 10:18


Government to continue search for first Chief Technology Officer
Posted 12-Feb-2018 20:30


Time to take Appleā€™s iPad Pro seriously
Posted 12-Feb-2018 16:54


New Fujifilm X-A5 brings selfie features to mirrorless camera
Posted 9-Feb-2018 09:12


D-Link ANZ expands connected smart home with new HD Wi-Fi cameras
Posted 9-Feb-2018 09:01


Dragon Professional for Mac V6: Near perfect dictation
Posted 9-Feb-2018 08:26


OPPO announces R11s with claims to be the picture perfect smartphone
Posted 2-Feb-2018 13:28


Vocus Communications wins a place on the TaaS panel
Posted 26-Jan-2018 15:16


SwipedOn raises $1 million capital
Posted 26-Jan-2018 15:15


Slingshot offers unlimited gigabit fibre for under a ton
Posted 25-Jan-2018 13:51


Spark doubles down on wireless broadband
Posted 24-Jan-2018 15:44



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.