[ale] Where to buy an SSL Certificate?

Jeremy T. Bouse jeremy.bouse at UnderGrid.net
Thu Feb 27 11:39:50 EST 2014


On 27.02.2014 09:31, Brian Mathis wrote:
> For any CA that your software doesnt know about, you generally just
> need to configure the intermediate cert bundle along with your sites
> actual cert, and the cert should validate with no issues.
>

Actually most any CA you're going to have to deploy an intermediate 
certificate if you've gotten a certificate in the last decade. Most 
every CA I know of has a root cert with a very long expiration that is 
placed in all the browsers by default and then they use an intermediate 
CA certificate that has something around a 5-7 year expiration to allow 
them to change it out more frequently without the burden of replacing 
the root CA in the browsers. I know I've required this from Verisign as 
far back as '03 so it's not something new just because "software doesn't 
know about it"


More information about the Ale mailing list