[dev] [en] SSL certificate: which one ?
Goffi
goffi at goffi.org
Mar 25 Mar 12:08:24 CET 2014
G'day,
as Souliane as implemented https support in Libervia, we now need a certificate
for libervia.org serveur/Libervia instance. I'd like your advices for the
following options:
- self-signed certificate:
PROS:
* free
* easy and quick to do
CONS:
* can't do authentification
* warning in browsers
* not accepted in xmpp.net security test
- CAcert (https://www.cacert.org/):
PROS:
* free
* based on community, not commercial, more on less in the spirit of
SŕT
* accepted in xmpp.net security test
CONS:
* warning in browsers
* recently removed from Debian and Ubuntu, its seems that there are
some security concerns according to the bugs comments
(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718434)
- StartSSL (https://startssl.com/):
PROS:
* free for Class 1
* no warning in browsers
CONS:
* Non commercial use (SŕT is not commercial, but as we are planing
to create a cooperative and to have salaries, we must check the terms of use)
* only one domain and one subdomain
* free certificate is 1 year only (but it can be renewed)
OK, so what's you opinion ? Do you have any other option ? It's possible to
have a self-signed certificate first, and change later.
Cheers
Goffi
Plus d'informations sur la liste de diffusion dev