Free Chinese certificates: yay or nay?
#21
Are this Chinese certificates safe?
With Let's Encrypt and StartSSL i don't see a reason to use this ones.
#22
(2016-08-18, 12:01:05 am)Revenge Wrote:  With Let's Encrypt and StartSSL i don't see a reason to use this ones.

LE is very short-duration certificates, and requires  a client that is constantly connecting to LE servers to accomplish its goals. Start SSL doesn't provide as much as wosign.

As for safety... as long as you generate the CSR yourself and take appropriate measures like PKP, you should be fine. I've used Wosign for about a year now with no issue.
Giveaway Manager, FreeVPS Directory and Discussion

Also a big fan of Anime, see my poor taste here.
#23
I think these certificates are kind of a trial for the company to see how much people desire their products. Short term I think the introduction of a new system is good but long term wise it would create a conflict and they would eventually force you to pay for their services.
[Image: 5d79e0f7c0732ca3a1c85a3e5f4f9498.gif]                                                                                    [Image: thapple.gif~c200]
#24
(2016-08-18, 4:00:16 am)Goldengate Wrote:  I think these certificates are kind of a trial for the company to see how much people desire their products. Short term I think the introduction of a new system is good but long term wise it would create a conflict and they would eventually force you to pay for their services.

Wosign has been around for a while, and startssl has been around longer... Though you do have the right idea. What you have to remember is that the free certs are only DV certs. Big ecom companies are going to want EV or better, which are paid.
Giveaway Manager, FreeVPS Directory and Discussion

Also a big fan of Anime, see my poor taste here.
#25
Not a bad find, awaiting the tutorial so I can experiment with it.
[Image: img.php?userid=8551]
#26
(2016-08-18, 9:22:43 pm)Translucent Wrote:  Not a bad find, awaiting the tutorial so I can experiment with it.

The guide has already been made (atleast for nginx).

URL: https://freevps.us/thread-16900.html
#27
(2016-08-18, 1:32:04 am)Scáth Wrote:  LE is very short-duration certificates, and requires  a client that is constantly connecting to LE servers to accomplish its goals. Start SSL doesn't provide as much as wosign.

As for safety... as long as you generate the CSR yourself and take appropriate measures like PKP, you should be fine. I've used Wosign for about a year now with no issue.

Its 3 month certs, but is as simple as configure a cron every to run every 2 or 3 months: certbot-auto renew
Simple as that, and you would never need to worry again with updating your cert.
#28
For LE, there are simpler 3rd party scripts also. With clearer and shorter code and good followings.
Many thanks to Freevps, Chris (cw1998), The Guy( ID 4810), optimus, GHP and the other  staff members.
#29
(2016-08-18, 11:58:06 pm)Revenge Wrote:  Its 3 month certs, but is as simple as configure a cron every to run every 2 or 3 months: certbot-auto renew
Simple as that, and you would never need to worry again with updating your cert.


By them being three months you are simply risking your productivity by replenishing your certificate. I am not against for them for providing a free service but they remind me of dot.tk when it started asking for money after I renewed my domain after one year. They also did some suspension of my domains and later when I tried to get them it asked me for money. I would rather have a paid certificate than a free one because we can never sure if they are truly free or not, true legit free stuff are just rare.
[Image: 5d79e0f7c0732ca3a1c85a3e5f4f9498.gif]                                                                                    [Image: thapple.gif~c200]
#30
Then just don't use this.
I use Let's Encrypt with https://zerossl.com as my client.
It's gives a free 90 day span CRT with free renewals.
Wildcard support is expected in the possible future.




Users browsing this thread: 1 Guest(s)