Are there SSL certificate providers for sites with admin panels for issuing HTTPS certificates?

D

Dmitry Timofeev2017-02-25 14:16:54

Cryptography

Dmitry Timofeev, 2017-02-25 14:16:54

The fashion for SSL is growing, let's not talk about the root causes, I'll focus on the task.
I have more than one site to deal with - about 5-10 sites need to be translated to SSL.
There is a question about the admin panel of these certificates. Buy certificates from nic.ru - I don't like their prices :)
Chest of drawers says on their website - certificates are sent by mail.
I tried to order - a shoemaker without boots, the whole process via HTTP, with the issuance of a private key.
Therefore, the question is, are there any providers with a certificate admin panel?
Built-in hosting will not work - your own IIS.
PS: I know that there is Let's Encrypt, but it does not suit me.
And the question is not about the supplier, but about the sane interface for working with certificates .

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

H

HighMan, 2017-02-25
@HighMan

You are confusing something. Root, i.e. CA.key only for you. Based on it, you generate a CSR request certificate. And then you get certified company.crt & conpany.key from the certification authority. These certificates can be reissued in case of compromise or some other trouble. Us chest of drawers reissued EV certificates for free.
And most importantly: why do you need SSL? Do you store personal data or commercial information? By and large, SSL certificates are used to protect against traffic interception. More precisely, you can intercept traffic, but you also need to decrypt it. Still there is an application - an input under the certificate. This is when only having a certificate you can go to a site, or a specific section. But this is less commonly used. Without a certificate, the user simply will not be able to access the site. 400 error.
Also, I read, but I didn’t come across it myself: 1 SSL secure site per 1 IP. This is the old standard. Now this is bypassed and several SSL sites are installed on 1 IP, but sometimes the browser may start to swear that this certificate is not trusted. Those. as with self-signed. Once again, I’ll make a reservation: I haven’t come across this myself (we have 1 ssl site for 1 IP), I only relay what I read.
And you should not trust the chest of drawers. This is more than a serious provider. And, by and large, the certificates that you receive from the chest of drawers are not overly secret. They encrypt outgoing traffic. You do not give the most important CA.key to anyone.
In general, take a look at https://www.ssls.com/ where you can buy a Komodo certificate cheaper than in the chest of drawers.
Well, you can also StartSSL.com if you want a freebie, but the process of obtaining it is somewhat confusing, but many people use it.
And to take a certificate from nic.ru .... You, according to anyone, do not take a certificate from a nickname. They're just making money. If you have any questions about the certificate, they will send you to the certification authority and negotiate as you wish. I turned to nic.ru with an EV certificate ... There the TP service advised me convincingly to order it directly.