Educause Security Discussion mailing list archives
Re: Free SSL certs for .edu by company included in browser lists
From: "Br. Kenneth Arnold" <bkarnold () CBU EDU>
Date: Fri, 17 Nov 2006 09:49:36 -0600
We have three processes using certificates from ipsCA and will be adding a fourth process soon. My experience has been: 1. The price is very reasonable. Free for two years to edu domains and very inexpensive after that. 2. All of our certificates are on Oracle Application Server so far. 3. The root CA certificate of ispCA and an intermediate certificate needed to be loaded into the Oracle wallet in order to recognize the user certificate. Supposedly something similar needs to be done on Apache. 4. They use the names and email addresses on domain registration to verify that the request is valid. If the person requesting the certificate if one of the names on domain registration, the certificate is generated without any further verification. If someone else requests a certificate, that request must be verified by one of the names on domain registration. 5. They have customer service but my one experience using that service took about 1-2 weeks to get an answer. 6. Their website is very easy to use. 7. We have two certificates that we use for UW email from Thawte. The only email product that they support seems to be Courier IMAP so we intend to stay with Thawte on those certificates when they expire. 8. Their website claims "IpsCA root certificate is present in more than 98% of today's browsers Internet Explorer, Mozilla and Firefox". We have not had any complaints yet from people who had browsers that did not recognize their root certificate in their browser. My recommendation is that if you can use their website to generate a certificate and if you can use their instructions to get the certificate working properly, then use their certificate on your process. If you have any problems that would require you to contact customer service, go with a different certificate authority. Brother Kenneth Arnold At 08:51 AM 11/17/2006, you wrote:
Anyone using these folks or know anything about them: http://certs.ipsca.com/ They also advertise wild card certs with no limit on hosts for $276.00/year. http://certs.ipsca.com/Products/ipsca_ssl_Wildcard_certificates.ASP -- Gary Flynn Security Engineer James Madison University www.jmu.edu/computing/security
Brother Kenneth Arnold, FSC Director of Network Systems Christian Brothers University Information Technology Services (901) 321-4333
Current thread:
- Free SSL certs for .edu by company included in browser lists Gary Flynn (Nov 17)
- <Possible follow-ups>
- Re: Free SSL certs for .edu by company included in browser lists Charlie Prothero (Nov 17)
- Re: Free SSL certs for .edu by company included in browser lists Vuong Phung (Nov 17)
- Re: Free SSL certs for .edu by company included in browser lists Br. Kenneth Arnold (Nov 17)
- Re: Free SSL certs for .edu by company included in browser lists Consolvo, Corbett (Nov 17)
- Re: Free SSL certs for .edu by company included in browser lists Jeff Giacobbe (Nov 17)
- Re: Free SSL certs for .edu by company included in browser lists Steve Lovaas (Nov 17)
- Re: Free SSL certs for .edu by company included in browser lists Dick Jacobson (Nov 17)
- Re: Free SSL certs for .edu by company included in browser lists Steve Lovaas (Nov 17)
- Re: Free SSL certs for .edu by company included in browser lists Julian Thompson (Nov 17)