CentOS - Jan 2010 - Get Me Outta Here! Web site security issue

Hi All,

I have a CentOS 5.4 web server. I have some stuff that runs on 443.

When I hit https://<the site> 

The user gets a warning saying that site identity could not be verified and the
user can add an exception if they want.

How do I stop this from happing? Do I need to buy an SSL cert? Aren't these
really expensive per server and I have 5 servers I would need to do this too.

Can anyone provide advice?

-Jason

> The user gets a warning saying that site identity could not 
> be verified and the user can add an exception if they want.
Those are SSL Cert warnings.  You will get to get a signed
cert to avoid them.

SSL Certs are pretty cheap now.  

http://startssl.org will generate certs for free but you
have to register and jump through a few hoops.

	Neil

--
Neil Aggarwal, (281)846-8957, http://UnmeteredVPS.net/centos
CentOS 5.4 VPS with unmetered bandwidth only $25/month!
No overage charges, 7 day free trial, PayPal, Google Checkout

Slack-Moehrle wrote on Tue, 12 Jan 2010 12:18:15 -0800 (PST):
> How do I stop this from happing? Do I need to buy an SSL cert?
Either that or allow the exception or import the CA cert to the browser.
This is not a CentOS issue at all. Folks, please keep off-topic questions 
off the list.

Kai

-- 
Get your web at Conactive Internet Services: http://www.conactive.com

> Hi All,
>
> I have a CentOS 5.4 web server. I have some stuff that runs on 443.
>
> When I hit https://<the site>
>
> The user gets a warning saying that site identity could not be verified
> and the user can add an exception if they want.
>
> How do I stop this from happing? Do I need to buy an SSL cert? Aren't
> these really expensive per server and I have 5 servers I would need to do
> this too.
>
The *only* way is to buy certs. And it'll be one for each sitename. And
you'll have to answer a *lot* of questions.... Security's cranking up,
esp. if you're accepting credit cards, in which case it's *really*
ratcheted up.

       mark

> How do I stop this from happing? Do I need to buy an SSL cert? Aren't 
> these really expensive per server and I have 5 servers I would need to 
> do this too.
Yes.  You need one SSL certificate per site.  Although I've never bought 
an SSL certificate, I have looked at www.rapidsslonline.com .. their rapid 
ssl is I think $18/year and less if you buy for multiple years.  If all of 
your websites are under the same domain, you could buy a wildcard cert as 
well.

HTH,
Barry

On Tue, Jan 12, 2010 at 3:18 PM, Slack-Moehrle
<mailinglists at mailnewsrss.com> wrote:
> I have a CentOS 5.4 web server. I have some stuff that runs on 443.
> When I hit https://<the site>
> The user gets a warning saying that site identity could not be verified and
the user can add an exception if they want.
> How do I stop this from happing? Do I need to buy an SSL cert? Aren't
these really expensive per server and I have 5 servers I would need to do this
too.
You can get a RapidSSL certificate (single root which is easier to
install) from Namecheap for $10.95 a year.
http://www.namecheap.com/learn/other-services/cheap-ssl-certificate-rapidssl.asp


Or, you can get a free SSL certificate, with Intermediate
certificates, which are a little harder to install, from StartSSL.
I got one of those.
http://www.startssl.com/

Each site needs an SSL certificate and a Dedicated IP address.