[haiku-web] Re: Authentication with Drupal

  • From: Oliver Tappe <zooey@xxxxxxxxxxxxxxx>
  • To: haiku-web@xxxxxxxxxxxxx
  • Date: Thu, 26 Nov 2009 17:05:33 +0100

Hi Urias,

On 2009-11-26 at 15:49:37 [+0100], Urias McCullough <umccullough@xxxxxxxxx> 
wrote:
> On Wed, Nov 25, 2009 at 6:02 PM, Urias McCullough <umccullough@xxxxxxxxx> 
> wrote:
> >> I'll check on the wildcard (*.haiku-os.org) support shortly to make sure.
> >
> > Looks like: "yes", when you specify the domain, we must type in
> > *.haiku-os.org to get a wildcard cert, it's then up to individual
> > browsers to support it or not (which apparently most do).
> 
> I spoke too soon, the free cert for open source is not a wildcard
> cert, and only supports <domain> and www.<domain>. Based on this new
> understanding, it seems a wildcard SSL cert from godaddy is ~$200 USD
> for the "unliminted subdomains" version (which is confusing as hell
> based on their FAQ).
> 
> Here's the email response from their support staff:
> 
> --------------------------------
> Thank you for contacting online support.
> 
> Unfortunately, that offer is for a Standard Turbo SSL certificate and
> not for a Wildcard SSL. We apologize for the confusion.  If you would
> like to purchase an SSL certificate, please see this URL:
> http://www.godaddy.com/gdshop/ssl/ssl.asp?ci=9039
> 
> Please let us know if we may be of any further assistance.
> --------------------------------
> 
> I found a cheaper location that even gets better reviews: StartCom -
> http://www.startssl.com/
> 
> They have class 2 verified wildcard certs for $40 USD/year:
> http://www.startssl.com/?app=40
> 
> If we just one a cert for the Drupal site, I vote we go with Godaddy
> for free, 1 year, but if we want a cert for all our services on
> haiku-os.org - I vote we go with StartCom.

I'd say we should really go for a wildcard certificate - the cost differences 
are not *that* much and it makes sense to (at least be able to) protect all 
our services.

The thing with the CAs is: are they known by the common browsers? Because if 
they're not, we could just as well sign our own certificate and avoid all 
costs. Signed certificates from CA which are unknown to browsers don't cut 
it, IMHO.

cheers,
        Oliver
-----------------------------------------------------------------------
haiku-web@xxxxxxxxxxxxx - Haiku Web & Developer Support Discussion List

Other related posts:

  1. Home
  2. haiku-web
  3. Archive
  4. 11-2009