[Discuss] Who sells the least expensive SSL certs right now?
Bill Horne
bill at horne.net
Sun Dec 21 20:13:01 EST 2014
On 12/18/2014 6:40 PM, John Abreau wrote:
>
>
> On Thu, Dec 18, 2014 at 2:17 PM, Bill Horne <bill at horne.net
> <mailto:bill at horne.net>> wrote:
>
> In theory, we could put "our" root certificate in everyone's
> browser, but that's so much effort that it's not practical.
>
>
>
> That's what I did when I worked at Zuken. Part of my job was building
> laptops for everyone, on a 3-year refresh cycle, and as part of my
> standard build I installed my self-generated CA certificate into
> Firefox and Internet Explorer when I built each new laptop. I also
> added a page to the TWiki knowledge base explaining how to install the
> certificate so end-users could do it themselves if they chose.
That's awesome! How about doing a meeting on the subject of self-signed
certs and the pluses/minuses of using them?
ISTM that the CA's have made the certificate-generation process nearly
impossible to use, by adding extensions after extension to the
certificates so that end-users can't even create a "root" certificate
anymore. Let's have a presentation on how you did it!
Bill
--
E. William Horne
339-364-8487
More information about the Discuss
mailing list