|
|
| Line 2: |
Line 2: |
| =Getting certificate signed by recognized CA= | | =Getting certificate signed by recognized CA= |
|
| |
|
| It is very important to use certificates signed by recognized CA instead of self-signed certificates to avoid man-in-the-middle attack. At the time of writing GoDaddy seemed like a good choice for CA as described below. | | It is very important to use certificates signed by recognized CA instead of self-signed certificates to avoid man-in-the-middle attack. |
|
| |
|
| ==GoDaddy CA==
| | For SSL certificates from lets encrypt refer [[Installing lets-encrypt SSL certificate]] |
| www.godaddy.com or GoDaddy offers best cost for equal security in comparison to other CAs. Also, it is recognized as CA by all modern browsers. Most of the interaction with GoDaddy is online through well built website, making it very easy to operate with GoDaddy. Further considerable documentation related to certificate service is available on Godaddy website. Links to important FAQ pages are pasted below for reference:
| |
|
| |
|
| | | If the lets encrypt certificates need to be installed in Zimbra then refer [[http://rekallcm1/notes_wiki/index.php/CentOS_7.x_Install_lets_encrypt_automated_SSL_certificate_in_Zimbra]] |
| ===Go daddy useful links===
| |
| * Generating SSL certificate request
| |
| *:http://support.godaddy.com/help/article/5269/generating-a-certificate-signing-request-csr-apache-2x
| |
| *Downloading SSL certificate from GoDaddy website
| |
| *:http://support.godaddy.com/help/article/4754/downloading-an-ssl-certificate
| |
| *Revoking SSL certificate
| |
| *:http://support.godaddy.com/help/article/4747/revoking-an-ssl-certificate
| |
| *Intranet and reserved IP usage in certificates
| |
| *:http://support.godaddy.com/help/article/6935/using-intranet-and-reserved-ip-addresses-as-the-primary-domain-or-subject-alternative-name-in-ssls
| |
| *Changing comman name
| |
| *:http://support.godaddy.com/help/article/5616/changing-the-common-name-of-a-certificate
| |
| *SSL certificate installation in server
| |
| *:http://support.godaddy.com/help/article/5346/installing-an-ssl-server-instructions
| |
| *Installing SSL certificate in apache
| |
| *:http://support.godaddy.com/help/article/5238/installing-an-ssl-certificate-in-apache
| |
| *Requesting a Standard or Wildcard SSL certificate
| |
| *:http://support.godaddy.com/help/article/562/requesting-a-standard-or-wildcard-ssl-certificate
| |
| *List of browsers with GoDaddy preinstalled CA
| |
| *:http://support.godaddy.com/help/article/1139/which-browsers-and-devices-are-your-ssl-certificates-compatible-with
| |
| *Requesting Deluxe SSL certificate
| |
| *:http://support.godaddy.com/help/article/2611/requesting-a-deluxe-ssl-certificate
| |
| *Uploading documents for SSL request
| |
| *:http://support.godaddy.com/help/article/5249/uploading-documents-for-your-ssl-request
| |
| *Viewsing SSL certificate request progress
| |
| *:http://support.godaddy.com/help/article/862/viewing-the-progress-of-your-ssl-certificate-request
| |
| *Determining how long it takes to issue SSL certificate
| |
| *:http://support.godaddy.com/help/article/858/determining-how-long-it-takes-to-issue-an-ssl-certificate
| |
| *Information that gets validated for an SSL certificate
| |
| *:http://support.godaddy.com/help/article/859/explaining-what-information-we-validate-to-approve-ssl-certificates
| |
| *Finding certificate information
| |
| *:http://support.godaddy.com/help/article/859/explaining-what-information-we-validate-to-approve-ssl-certificates
| |
| *What is intermediate certificate
| |
| *:http://support.godaddy.com/help/article/868/what-is-an-intermediate-certificate
| |
| *What happens if intermediate certificates are not installed
| |
| *:http://support.godaddy.com/help/article/870/what-happens-if-i-dont-install-intermediate-certificates
| |
| *Difference between Deluxe and Standard SSL certificate
| |
| *:http://support.godaddy.com/help/article/854/what-is-the-difference-between-a-deluxe-and-a-standard-ssl-web-server-certificate
| |
| *What is the encryption strength of your SSL certificate
| |
| *:http://support.godaddy.com/help/article/848/what-is-the-encryption-strength-of-your-ssl-certificates
| |
| *What is criteria for accepting domain authorization letters
| |
| *:http://support.godaddy.com/help/article/5551/what-is-your-criteria-for-accepting-domain-authorization-letters
| |
| *How do I get domain authorization letter
| |
| *:http://support.godaddy.com/help/article/863/how-do-i-get-a-domain-authorization-letter
| |
| *How to check if certificate is vulnerable ::
| |
| *:http://support.godaddy.com/help/article/5044/how-do-i-know-my-secure-certificate-is-safe-from-vulnerabilities
| |
| *Determining type of certificate being used by a website ::
| |
| *:http://support.godaddy.com/help/article/5045/determining-the-type-of-ssl-certificate-a-website-is-using
| |
| *Verifying certificate validity (CRL/OCSP) ::
| |
| *:http://support.godaddy.com/help/article/6723/verifying-a-certificates-validity-on-your-computer#verification
| |
|
| |
|
|
| |
|
| <yambe:breadcrumb>Internet_tips_and_tricks|Internet tips and tricks</yambe:breadcrumb> | | <yambe:breadcrumb>Internet_tips_and_tricks|Internet tips and tricks</yambe:breadcrumb> |
