On 05/04/2011 10:29, Bill Hayles wrote:
>> is it advisable to sign your own certificates to use on a production
>> environment?
>
> I think a lot depends on your particular circumstances.
>
> My server is a "production environment" in that it's publicly available, roughly
> twenty people rely on it for the e-mail and several hundred more are members
> of my mailing lists.
>
> However, it is non commercial, i.e. funded out of my own pocket, and those
> who have e-mail addresses are there either by their request or my invitation.
>
> I feel perfectly justified in using self certification, as I am unwilling to
> pay the considerable sum required for verification. It hasn't caused me any
> real difficulties.
>
> On the other hand, if I were the postmaster of a large organisation, I would
> feel differently.
StartSSL offer free SSL certificates -
https://www.startssl.com/?app=1 -
I use them for my website at
https://grepular.com/ because all modern
browsers contain their root.
I use a free certificate from cacert.org for mail submission. Mainly for
historical purposes. I'll probably move that over to StartSSL as well
when it expires.
--
Mike Cardwell
https://grepular.com/ https://twitter.com/mickeyc
Professional
http://cardwellit.com/ http://linkedin.com/in/mikecardwell
PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
