Free SSL certificates without the browser warning? Yes! It’s possible!

When I need SSL encryption for some admin panel on one of my websites I usually use the snakeoil certificate that comes with the installation of the ubuntu OS (/etc/ssl/certs/ssl-cert-snakeoil.pem). But I can not use this method for a serious web page where I would like to provide ssl for the visitors. The browsers will warn as the certificate was not signed by a well known certificate authority (CA).

The reason you might not want a CA to sign your certificate is that it costs money, at least that is what I have been thinking till now.
I just found this CA: http://www.startssl.com

Their site looks like crap (sorry) and they do not seem to be that well known. But their site works very well and you can get your signed CA for free in just a few minutes!

Tell your webmaster friends! 😀

This is how I generate my certificate signing request (CSR):

Then I use the website.com.csr at the startssl.com website to get my certificate which I save as: website.com.crt
You also need some intermediate certificates installed on your server. Read more about that here: http://www.startssl.com/?app=25#31

After that my apache configuration for the website looks like this:

By | 2011-03-28T11:48:20+00:00 August 7th, 2010|Uncategorized|0 Comments

Leave A Comment