Price required to supply and install SSL Certificate
- Thread starter ibaker
- Start date
Claudio
Well-known member
Don't pay anybody just yet, it's simple. Give it a try.
Get Let's Encrypt and run it the script, it will install the dependencies, and set your stuff up.
It will ask you a question about rewriting http traffic to https,
and xenforo has a manual about how to move to https within xenforo.
It's really simple, it's free. And done in 5 minutes.
Get Let's Encrypt and run it the script, it will install the dependencies, and set your stuff up.
It will ask you a question about rewriting http traffic to https,
and xenforo has a manual about how to move to https within xenforo.
It's really simple, it's free. And done in 5 minutes.
Mike Edge
Well-known member
Glad you didn't use Let's Encrypt as they are only 94% compatible, several mobile phones don't work with them including most Black Berry. Also they are known to crash cPanel. Free SSLs are free for a reason. What SSL was $1.000, never seen one that much, even a wild card or one that is processed, verified company docs and has your company name in the browser.
whynot
Well-known member
Installing it could cost a lot.
Mike Edge
Well-known member
If it's the domain in your sig, your only getting a "C" on your security https://www.ssllabs.com/ssltest/analyze.html?d=www.recreationalflying.com and your server is vulnerable to Heartbleed and Poodle. Also since you went the Comodo route. I hope you didn't pay the $1000 option, considering Name Cheap sells them for $9.00 as they are a cheap cert.. Though widely used due to the cheap price tag.....
webmastersun
Active member
@ibaker
If you are using WHM/cPanel then it is easy, don't need to pay anyone for enabling SSL for your websites, following this guide
https://forumweb.hosting/14994-installing-free-ssl-for-server-hostname-using-letsencrypt.html
if is mor easier if you even use Plesk control panel, activate SSL with just some clicks
Hope that helped.
Yeh, I am glad that for $1000 that black berry user got the xenforo page completely unusable on their phone. lol
lol768
Active member
It'll work on any device that supports SHA2 signed certificates where the ISRG *or* the IdenTrust root is present. Any devices that don't support SHA2 signed certificates are outdated - SHA1 has been known to be weak for about a decade and these certs are deprecated.
The devices it doesn't work on should be replaced with something less ancient.
Source for this claim? Sounds like a pretty crappy ACME client implementation if this is indeed true - and in any case you can always do it manually - I'm very sure this isn't a problem with Let's Encrypt. Once properly set-up with the webserver I cannot see how cPanel can be impacted by the CA you happen to use.
Yup, Let's Encrypt is free because Mozilla, the EFF and other sponsors wanted to make TLS accessible and easy to automate. It's not because, as you seem to insinuate, the service is of a poor quality. Indeed, Let's Encrypt has a better security track record than commercial CAs such as Symantec, StartCom and WoSign! Furthermore the ACME protocol is an open standard and has been scrutinised by many professionals to ensure the domain ownership verification process is secure.
I think the term you're looking for is "EV".
----------
I'd suggest doing some more reading on the ACME protocol and Let's Encrypt.
Mike Edge
Well-known member
I knew the term, though thanks. I was explaining it in layman terms.
Thanks for putting words to my thoughts, I just sat here going #smh, and left.