Home page logo

nanog logo nanog mailing list archives

Re: X.509 Certs For Personal Use
From: Christopher Morrow <morrowc.lists () gmail com>
Date: Sat, 18 Feb 2012 13:57:25 -0500

On Sat, Feb 18, 2012 at 10:44 AM, John Peach <john-nanog () johnpeach com> wrote:
On Sat, 18 Feb 2012 14:27:05 +0100
Phil Regnauld <regnauld () nsrc org> wrote:

toor (lists) writes:
I use http://www.startssl.com/ for all my personal certifcates. I have
not had any issues with the validations (once you have an account you
can validate a domain by sending an email to a predefined list of
contact addresses) and the certificates are issued instantly.

      "Your request is being held up for review by our personnel".

      Up to 6 hours. Must be their definition of instant :)

It's nice to see that they actually do random reviews, rather than just
issuing everything requested. I use startssl and have not had anything
held for review.

I've had most of mine held, but almost always I get a response in side
of 20 mins. Really, what I care about here is:
  1) cert validates in almost all clients (mozilla/chrome/mail.app)
  2) controlled/secured by my key, not something made up on the server side
  3) not paying money for random bytes.

it works and eddy's pretty quick on requests.




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]