----- Original Message ----- From: "Liam Delahunty" <liam at megaproducts.co.uk> To: <thelist at lists.evolt.org> Sent: Wednesday, March 24, 2004 8:31 PM Subject: Re: [thelist] Homegrown SSL : on 24/03/2004 08:41 david.landy wrote: : > Rob, : > : > "Home grown SSL cert"? Sounds v intruiging! I've often wondered how I could : > save myself forking out hundreds of £££ just for the privilege of having a : > secure site. Any clues how to do this? : > : > David : : A search with homegrown SSL led to the links below. : : to create your own CA: : http://www.pseudonym.org/ssl/ssl_cook.html : : Just to generate the cert on a server: : http://www.pseudonym.org/ssl/ssl_server_certs.html#request : : http://www.tiad.buffalo.edu/CertRequest.html : : Apache-SSL, : http://www.verisign.com/support/tlc/csr/ssleay/v01.html : apache mod_ssl : http://www.verisign.com/support/tlc/csr/modssl/v00.html : : These are self signed certificates, for an example visit the site : https://www.onlinesales.co.uk/ and you'll probably get a pop-up from : your browser telling you the certificate is okay but you haven't chosen : to trust the CA. That's why we pay for thawte etc certs as they are : already trusted by most browsers. I've not used them but a cheaper : alternative is geotrust. And for IIS & Certificates Services: http://www.pseudonym.org/ssl/ssl_cook.html or, if you do not want a CA, you can generate a self-signed cert: http://www.microsoft.com/downloads/details.aspx?FamilyID=56fc92ee-a71a-4c73-b628-ade629c89499&DisplayLang=en Cheers Ken