Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




4 posts

Wannabe Geek


Topic # 220279 3-Aug-2017 11:20
Send private message quote this post

Secure Certificates (SSL Certificates) are a must have in e-commerce to keep credit card details safe on the web, but these are now becoming required by Google if you collect any type of information via your website. Makes sense right? Google maintains its market edge by providing the best results and a secure site is becoming part of what makes a good list of website results. In short, if you want your website to rank well in Google you should have an SSL Certificate.

 

Can anyone recommend a New Zealand based Secure Certificate seller that has good service, preferably with phone support.


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
6393 posts

Uber Geek
+1 received by user: 2833

Moderator
Trusted
Subscriber

  Reply # 1836395 3-Aug-2017 11:24
4 people support this post
Send private message quote this post

You don't need NZ based. Just use LetsEncrypt and be done with it. No point adding complexity on something that should be automated and once a SSL certificate is loaded you just need a process to handle renewal (which LetsEncrypt does).





Michael Murphy | https://murfy.nz
Want to be with an epic ISP? Want $20 to join them too? Well, use this link to sign up to BigPipe!
The Router Guide | Electric KiwiCommunity UniFi Cloud Controller | Ubiquiti Edgerouter Tutorial


12876 posts

Uber Geek
+1 received by user: 2111

Trusted
Subscriber

  Reply # 1836396 3-Aug-2017 11:24
Send private message quote this post

Why do you need an NZ based reseller or phone support? Just use a free Let's Encrypt certificate, unless you need identity verification for e-commerce.





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer


 
 
 
 


11 posts

Geek
+1 received by user: 2


  Reply # 1836398 3-Aug-2017 11:26
One person supports this post
Send private message quote this post

Honestly, if you can, I'd recommend using Lets Encrypt (https://letsencrypt.org/) over any of the commercial Certificate Authorities.  It's free and automated.  


14063 posts

Uber Geek
+1 received by user: 3390

Trusted
Subscriber

  Reply # 1836458 3-Aug-2017 11:49
2 people support this post
Send private message quote this post

If you do want a commercial one, SSL2BUY has been awesome in the past 5 years we have used them.


2002 posts

Uber Geek
+1 received by user: 588

Subscriber

  Reply # 1836482 3-Aug-2017 12:11
3 people support this post
Send private message quote this post

Used Digicert and always been happy with them. I see they have just purchased Symantecs certificate business too.


IcI

367 posts

Ultimate Geek
+1 received by user: 76

Trusted

  Reply # 1836518 3-Aug-2017 12:57
Send private message quote this post

michaelmurfy: You don't need NZ based. Just use LetsEncrypt and be done with it. No point adding complexity on something that should be automated and once a SSL certificate is loaded you just need a process to handle renewal (which LetsEncrypt does). 

 

timmmay: Why do you need an NZ based reseller or phone support? Just use a free Let's Encrypt certificate, unless you need identity verification for e-commerce. 

 

baplaski: Honestly, if you can, I'd recommend using Lets Encrypt (https://letsencrypt.org/) over any of the commercial Certificate Authorities.  It's free and automated.

 

Sorry, but Letsencrypt is not the solution to every problem. Does catchlight need a certificate that is valid for longer than 90 days? Must the certificate be a domain validated cert or must it have extended validation? Does he run his own web server or does he have a hosted solution? If he is using his own web server, is he running IIS? Initially, Letsencrypt did not support IIS.

 

Let's get catchlight to provide more context so that we can answer with something applicable. Especially as SSL certificate DO NOT keep credit card data safe. SSL certificates encrypt the traffic between the browser and the server. That does not mean the CC data is stored securely in the DB or cached securely on the web server. Other solutions are required for that.

 

catchlight could mint his/her own SSL certificate and does not need to buy one. That would also give him/her a valid SSL certificate. It just wouldn't be trusted by major browsers.


12876 posts

Uber Geek
+1 received by user: 2111

Trusted
Subscriber

  Reply # 1836529 3-Aug-2017 13:10
Send private message quote this post

IcI:

 

 

 

Sorry, but Letsencrypt is not the solution to every problem. Does catchlight need a certificate that is valid for longer than 90 days? Must the certificate be a domain validated cert or must it have extended validation? Does he run his own web server or does he have a hosted solution? If he is using his own web server, is he running IIS? Initially, Letsencrypt did not support IIS.

 

Let's get catchlight to provide more context so that we can answer with something applicable. Especially as SSL certificate DO NOT keep credit card data safe. SSL certificates encrypt the traffic between the browser and the server. That does not mean the CC data is stored securely in the DB or cached securely on the web server. Other solutions are required for that.

 

catchlight could mint his/her own SSL certificate and does not need to buy one. That would also give him/her a valid SSL certificate. It just wouldn't be trusted by major browsers.

 

 

That's all true, but for many common scenarios it's a good choice. 





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer




4 posts

Wannabe Geek


  Reply # 1836531 3-Aug-2017 13:14
Send private message quote this post

Thanks all for your replies. If it was just a personal website, I would probably go with Let's Encrypt, but even then the 90-day renewal thing seems like a bit of a pain. Though it sounds like it can be automated??

 

I'm looking to buy SSL Certificates for my website clients and was after a good service for doing this here in NZ. Correct, they'll probably just buy them from the US anyway, but I was after good service at a reasonable cost. By good service, I mean people who are accessable and knowledgeable enough to help out when if get stuck. :) 

 

 

 

 


25196 posts

Uber Geek
+1 received by user: 5040

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 1836538 3-Aug-2017 13:24
One person supports this post
Send private message quote this post

Buying NZ based offers no benefits - and considering there isn't really much in the way of "service" it's very hard to differentiate between the thousands of resellers out there now except on price.

 

Letsencrypt is fine for personal, but when the going price of a cert us US$5 per year you don't need to bother with renewals if you just get 3yr certs.

 

 

 

 

 

 


53 posts

Master Geek
+1 received by user: 1


  Reply # 1836541 3-Aug-2017 13:26
One person supports this post
Send private message quote this post

I'd have to agree with the previous posts. We have been using the Let's Encrypt services for over a year now without any trouble. 

 

Many online services now use them for free certificates too - for example, the free certificates from SquareSpace come from Let's Encrypt. 

 

Amazon also give out free certificates with their services. 

 

I do notice that you mention that you'd like phone support. They will likely mean you'll need to pay a little more. We've used NameCheap and RapidSSLOnline, and they have (US) phone numbers listed. Perhaps give them a call and see how helpful they are?

 

 


12942 posts

Uber Geek
+1 received by user: 1494


  Reply # 1836545 3-Aug-2017 13:30
One person supports this post
Send private message quote this post

Or just buy one from your web host. You hardly need phone support too, you just get the host to install it. If it is shared hosting you may need to lease a dedicated IP as well, plus often there is an install cost too.


12942 posts

Uber Geek
+1 received by user: 1494


  Reply # 1836547 3-Aug-2017 13:31
Send private message quote this post

nigelramsay:

 

 

 

 Perhaps give them a call and see how helpful they are?

 

 

 

 

 

 

Getting the sense of a bit of sarcasm there :) Many providers from my experience will just have front line staff manning the phones that have little technical knowledge. SO it is often a waste of time even having phone support, that is if you can get through and are not on hold for ages.


53 posts

Master Geek
+1 received by user: 1


  Reply # 1836584 3-Aug-2017 14:12
Send private message quote this post

No sarcasm intended.

 

As I said, just give them a call and see what they're like. International calls these days are so close to free, there's nothing really to be lost. 

 

They always seem dead keen to chat when the certificates are due to be renewed. 


BDFL - Memuneh
58511 posts

Uber Geek
+1 received by user: 9949

Administrator
Trusted
Geekzone
Subscriber

  Reply # 1836598 3-Aug-2017 14:32
3 people support this post
Send private message quote this post

Good advice on needing more information. For the sake of brevity though, if you don't need wildcard certificates (this is currently not available on Let's Encrypt but coming early 2018) then SSL2BUY is hard to beat. Or if you're talking about a public domain then you have the option of placing it behind Cloudflare and use their free certificates. 

 

Either way, as mentioned, SSL is only used to encrypt data in transit between the browser and the server. It doesn't guarantee data is safely stored or managed after it arrives on the server.







4 posts

Wannabe Geek


Reply # 1836738 3-Aug-2017 17:17
Send private message quote this post

Thanks Geekzoners! Some really helpful responses here. I'll investigate all these options further. 


 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Public Wi-Fi plus cloud file sharing
Posted 18-Aug-2017 11:20


D-Link NZ launches professional Wireless AC Wave 2 Access Point for businesses
Posted 17-Aug-2017 19:25


Garmin introduces the Rino 700 five-watt two-way handheld radio
Posted 17-Aug-2017 19:04


Garmin announces the Foretrex 601 and Foretrex 701 Ballistic Edition for outdoor and tactical use
Posted 17-Aug-2017 19:02


Brightstar announces new distribution partnership with Samsung Knox platform in Australia
Posted 17-Aug-2017 17:07


Free gig-enabled WiFi network extends across Dunedin
Posted 17-Aug-2017 17:04


Samsung expands with connect Gear S3 Frontier
Posted 17-Aug-2017 15:55


Fact-checking Southern Cross Next cable is fastest to USA
Posted 17-Aug-2017 13:57


Thurrott says Microsoft Surface is dead last for reliability
Posted 16-Aug-2017 15:19


LibreOffice 5.4 works better with Microsoft Office files
Posted 16-Aug-2017 13:32


Certus launches Cognition
Posted 14-Aug-2017 09:31


Spark adds Cambridge, Turangi to 4.5G network
Posted 10-Aug-2017 17:55


REANNZ network to receive ongoing Government funding through to 2024
Posted 10-Aug-2017 16:05


Chorus backhaul starts with 2degrees
Posted 10-Aug-2017 15:49


New Zealanders cool on data analytics catching benefit fraud
Posted 10-Aug-2017 09:56



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.