10.06.02
Free Certs
Whoa! http://www.CACert.org sends out free security certificates that are good for 180 days… 6 months.
So I can run a secure server as long as i renew every 6 months. It would be pretty easy to perl/shell/apple-script something that would do that aoutmagically even.
I’ve included the originial text I found on a mailing list this weekend under the Read more link.
Hello mapdev,
While not being 100% complete, http://www.CACert.org can now automatically issue server certificates.
The way it works is as follows…
You need to have an account in the client certificate programme, this is to reduce fraudulent attempts to request certificates, once that’s done you can then log in to the server certificate section, you then have to register a domain, this is because the system only cares if you have rights to a domain not to a host, once the domain is verified by emailing common admin account (whois record checks, as well as the option of admin@, hostmaster@, postmaster@, root@)
The you simply send a CSR (certificate signing request) to the system, and it will then email you back a signed certificate…
Currently issued for 180 days of validity, to reduce the problems with fraudulently requested certificates…
However I’ll be coding a reissue option into the site which will expire an existing certificate and send you a new signed certificate that you just copy over the top of the old one…
—
Best regards,
evilbunny
http://www.cacert.org – Free Security Certificates
http://www.sydneywireless.com – Telecommunications Freedom