PDA

View Full Version : [other] Can this be done over HTTPS?



TimeDistort12
July 17th, 2011, 01:46 PM
Is it possible to provide encryption over HTTPS without a certificate?

I can't afford a certificate from a CA, but I do want to provide encryption with my website... without a self-signed certificate because I hate that screen popping up on the clients computer on first visits.

Is there another way it can be done?

bodhi.zazen
July 17th, 2011, 02:46 PM
A self-signed certificate is the best option. Some sites offer free certificates, but I always use a self signed certificate. The only place a self signed certificate would be inappropriate would be financial transactions, and in that event purchase a certificate, they are not *that* expensive.

HermanAB
July 17th, 2011, 07:04 PM
Use StartSSL. It is just as bad as any other:
http://www.startssl.com/

Dave_L
July 17th, 2011, 08:25 PM
What about this:

How do I create a real SSL Certificate?
http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#realcert

How do I create and use my own Certificate Authority (CA)?
http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#ownca

HermanAB
July 18th, 2011, 06:49 AM
The users will still get a warning the first time, because your CA is not in the browser already, unless you spoof an existing CA.

Dave_L
July 18th, 2011, 11:21 AM
Yes, I would expect that. I was merely asking whether the apache.org article was correct.