Glad someone else mentioned Geotrust.I have been using them since the early days of CSG and they are very good. You can also redo your SSL cert ( so long as it is the same FQDN) as many times as you like. ----- Original Message ----- From: Evan Mann To: thin@xxxxxxxxxxxxx Sent: Wednesday, May 10, 2006 11:11 PM Subject: [THIN] Re: Tip of the Week: Easy way for users to install Microsoft Certificate from your Web Interface Yup. Until I got involved, we did everything with VeriSign. Everyone knows their name, so people default to them. No good reason to do that however. I switched to GeoTrust under an Enterprise SSL agreement, which drops it down to $200/year for a 1 year on a "pay as you go" (uses a credit card), or $145/year if I buy a block of 5 SSL certs at 2 year duration up front, which gives you 2 extra free months I think. There are even higher discounts for bigger volumes. Thawte is also cheaper then VeriSign, and RapidSSL.com is one of the cheapest and still be fully trusted as part of the root certifies provided by Windows. We wanted to stay with a "big name", so it was VeriSign, Thawte, or GeoTrust, and I heard good things about GeoTrust customer service, so we ended up there. I'm happy with the choice, especially given the fact that I can have them pre-register domains, and once that occurs, I can order new SSL certs and approve them all by myself. Nice and quick. ------------------------------------------------------------------------------ From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of M Sent: Wednesday, May 10, 2006 5:38 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Tip of the Week: Easy way for users to install Microsoft Certificate from your Web Interface $1300 for an SSL cert ...... is that for real ? ----- Original Message ----- From: Jim Kenzig http://ThinHelp.com To: thin@xxxxxxxxxxxxx Sent: Wednesday, May 10, 2006 6:56 PM Subject: [THIN] Tip of the Week: Easy way for users to install Microsoft Certificate from your Web Interface Hi All, After my Verisign cert on my web interface got corrupted and I went to verisign to get a replacement and found that they wanted $100 to give me a copy of a cert that I paid $1300 for I said no more! So we installed a Microsoft Certificate on our web interface server. But now how to explain to 1300 users how to install it?? Ugh. Well I happened across Thomas Koetzing's tip on how to automatically install it via activeX. See: http://www.thomaskoetzing.de/index.php?option=com_content&task=view&id=61&Itemid=101 This tip gives you explicit instructions in the download on how to install the necessary files to make the private certificate load when the user accesses your web interface page via activeX. Of course not wanting to scare my users with ActiveX I went the route of just placing a link to an asp file I put on the server that loads the cert with two yes clicks by the user: http://support.microsoft.com/default.aspx?scid=kb;en-us;297681 The above article is a pretty much a copy and paste deal. Just copy the text and create a file and put it in your root Web interface directory. The only thing you need to change in the file is the location of where your certificate file resides on your server. I then just edited the /auth/header.inc file and put a link to the asp file I created from the above article. Works like a champ! Jim Kenzig CEO The Kenzig Group http://www.kenzig.com Sponsorships Available! Blog: http://www.techblink.com Terminal Services Downloads: http://www.thinhelp.com Windows Vista: http://www.VistaPop.com Virtualization: http://www.virtualize-it.com Games: http://www.stressedpuppy.com