[URL=“http://www.cheapssls.com/”][/URL]I noticed that Rapid SSL and another type are available at good price on this site.
[URL]http://www.cheapssls.com/[/URL]
yes, it is a good price, but where do i manage my certificate? in comodo website? thanks!
[quote name=‘grabbags’]yes, it is a good price, but where do i manage my certificate? in comodo website? thanks![/quote]
Correct
…
If you have Cpanel you may want to start making a request from Cpanel.
Your host can do all this for you.
[quote name=‘Traveler’]If you have Cpanel you may want to start making a request from Cpanel.
Your host can do all this for you.[/QUOTE]
Therefore must be somewhere allows me to input csr so that it can allow me to download the cert. Where do I for the site seal, etc …
[quote name=‘grabbags’]yes, it is a good price, but where do i manage my certificate? in comodo website? thanks![/quote]
I don’t undrestand what do you mean. What do you want to manage? The cert infos and reissues, or something else?
[quote name=‘indy0077’]I don’t undrestand what do you mean. What do you will to manage? The cert infos and reissues, or something else?[/QUOTE]
Yes, to rekey, site seal, etc …
I don’t know really what is the problem, you do buy your cert, get the code, put it in the cPanel in your SSL cert field, place your seal on your page (image or code) and that is it.
[quote name=‘indy0077’]I don’t know really what is the problem, you do buy your cert, get the code, put it in the cPanel in your SSL cert field, place your seal on your page (image or code) and that is it.[/quote]
If you are fluent in issuing SSL certificates
→ Generate CSR from cPanel
→ Submit CSR to SSL Company
→ Receive CRT / CABundle from SSL Company
→ Install CRT + CSR + CABundle
→ Complete
Without a possibility to revoke, reissue, modify and more then you don’t have control over the SSL itself. Accordingly if the CSR is revealed to a third-party it’s possible to decrypt the information.
I don’t think it’s a “problem” perse, I just don’t think most people would want to email their CSR since it’s un-secure etc.
[quote name=‘JesseLeeStringer’]If you are fluent in issuing SSL certificates
→ Generate CSR from cPanel
→ Submit CSR to SSL Company
→ Receive CRT / CABundle from SSL Company
→ Install CRT + CSR + CABundle
→ Complete
Without a possibility to revoke, reissue, modify and more then you don’t have control over the SSL itself. Accordingly if the CSR is revealed to a third-party it’s possible to decrypt the information.
I don’t think it’s a “problem” perse, I just don’t think most people would want to email their CSR since it’s un-secure etc.[/QUOTE]
A very good summary.
I am curious if you have a SSl cert on your host.mydomain account in addition to your domain wouldn’t you be able to easily send safe emails?
Safe emails means encrypted ones. This has nothing to do with SSL which doesn’t encrypt email messages. SSL ensures that communication between your computer and [in your question] renote SMTP Mail server is secure. If you have control over it [mail server] you can set it up the way it will refuse non-SSL connections. You can also use secure POP3 to download emails, but they’re still not encrypted.
I don’t use POP3. We have MS Exchange 2003 installed with some extra bitis to secure our connections. No remote SMTP servers are involved or proxies.
[quote name=‘Traveler’]A very good summary.
I am curious if you have a SSl cert on your host.mydomain account in addition to your domain wouldn’t you be able to easily send safe emails?[/quote]
Echoing Norman, I consider anything to be retrievable to be insecure.
All email outbound and inbound is protected using self-signed SSL certificates but this doesn’t protect us if we get our physical desktops stolen.
The CSR is what the lock is made from, the Key can be re-engineered so accordingly I keep it secret. The only person whom knows my CSR is the server technician(s) and myself.
Noman and Jesse,
Thank you - I am enjoying this discussion.
I just called my webhost and it is my understanding that my email is safe while in transit.
On my local desktop and remote server the emails are indeed in plain text which is not good if there is sensitive information there.
Obviously I delete my IMAP emails that are sensitive from my desktop and remote server but I also use gmail so I am now wondering what happens after I delete Gmail emails are they really gone??