Educause Security Discussion mailing list archives

Re: SSL Certificates

From: Cal Frye <cjf () CALFRYE COM>
Date: Thu, 19 Mar 2009 10:51:59 -0400

Steven Tardy wrote:

we've used IPSCA SSL certificates for a year or two.
mostly on test/internal/non-forward facing projects, main ssl pages are
still thawte.
the only problems we've had were easily solved by proper configuration.


We've used IPSCA certs for about four years, now, and have replaced several. We tend to
use Thawte for public servers where anyone may connect, but are increasingly using IPSCA
certs on internal gear, such as network gear, our NAC and several database web servers for
student/staff use, with no issues, overall.

Steven is right, for internal users you can ask them to import the root certs if needed,
the issuing process is easy, and free is good. My boss is tech contact for oberlin.edu,
our CIO is admin contact, and I alert them when requesting a cert so they'll watch for the
approval email and deal with it.

--
Celebrating the 200th anniversary of Darwin's birth,
and the 150th anniversary of the publication of the Origin of Species.
-- Cal Frye, Network Administrator, Oberlin College
   Mudd Library, x.56930 -- CIT will NEVER ask you for your password!

   www.calfrye.com,  www.pitalabs.com

"Wit is educated insolence. " - Aristotle (284-322 B.C.)

Current thread:

Re: SSL Certificates, (continued)
- Re: SSL Certificates Jeff Giacobbe (Mar 17)
- Re: SSL Certificates Consolvo, Corbett D (Mar 17)
- Re: SSL Certificates John Ladwig (Mar 17)
- Re: SSL Certificates Gary Flynn (Mar 18)
- Re: SSL Certificates Brian Epstein (Mar 18)
- Re: SSL Certificates Ryan Fox (Mar 18)
- Re: SSL Certificates Charlie Prothero (Mar 18)
- Re: SSL Certificates Eric Torgersen (Mar 18)
- Re: SSL Certificates Doug Hoffman (Mar 18)
- Re: SSL Certificates Steven Tardy (Mar 18)
- Re: SSL Certificates Cal Frye (Mar 19)