[GTALUG] SSL Certs
Blaise Alleyne
email+libre at blaise.ca
Wed Mar 25 12:18:23 UTC 2015
On 24/03/15 02:27 PM, Tim Tisdall wrote:
> On Tue, Mar 24, 2015 at 1:51 PM, John Sellens <jsellens at syonex.com> wrote:
>> On Tue, 2015/03/24 12:25:49PM -0400, Tim Tisdall <tisdall at gmail.com> wrote:
>> | Hmm.. I don't remember seeing a limitation about commercial use. Do
>> | you have a link to that?
>>
>> I may have been mis-remembering (or it might have changed) or perhaps
>> I bumped up against
>>
>> http://www.startssl.com/?app=25#2
>>
>> which (I think) says that you can't have an organization or company name
>> in a free certificate.
>>
>> Actually, looking back in my mail archives, they declined to issue me
>> a certificate for a web hosting server in January 2013, and I think the
>> reason at that time was that it was business related.
>
> I think that's referring to the fact that they can only authenticate
> individuals for the free one. So the free certificate is going to
> contain the person's name that they authenticated. When I used it, I
> don't remember trying to add a company name so you're probably right
> that they don't allow you to add one unless you go for the next level
> of cert (the one you buy).
>
> Any way, none of this precludes someone at GTALUG creating a
> certificate for the mailserver's domain name and securing the
> necessary pages. You just have to use their automated system to prove
> you are who you are and that you own (or have control over) the domain
> name in question. The benefit is that pretty much every browser
> already has startssl's CA included.
>
Yeah, I'm pretty sure that just means organization validation is not available
at the free tier. (I'm validated as an individual and an organization.)
They're pretty strict about WHOIS information matching the validation when
issuing certificates now, so they might have declined your certificate not
because it was on the free tier but possibly if you're WHOIS information was for
your business but the free certificate only gets linked to an individual.
More information about the talk
mailing list