I need to get rid of the "This site is insecure" message when you visit the HTTPS version of the site, because the cert is for *.webfaction.com and I'm using a custom domain. I've been reading the docs to try to understand what I need. Are all of these steps mandatory in the process? I need to serve the site over HTTPS and I want the error to go away in Chrome & Firefox.
Can you recommend a good, cheap certificate authority? Do I need to complete all of those steps above? asked 19 Jun '11, 11:30 kevinburke |
Most of our customers tend to use GoDaddy for the certificates. I'm not 100% sure if it's the cheapest but it's definitely the most widely used (for us).
Yep. After you get your certificate, just open a ticket and we'll do the rest. answered 19 Jun '11, 11:49 David L ♦♦ |
I realize this is a four-year-old thread, but it's still relevant… I was just searching for the same info. I managed to find an AlphaSSL wildcard SSL certificate from a reseller called ssl2buy.com for US$42. Because of the price I was skeptical, but it has been installed on my WF account and is working fine across all the subdomains and in different browsers (Chrome, Safari, Firefox, Opera). So that's how I got around the browser warning problem. I have no connection to ssl2buy.com or AlphaSSL. (And you no longer need a dedicated IP address for this.) answered 04 Aug '15, 14:36 PeterA |
Two certificate authorities, StartSSL and WoSign, offer domain-validated TLS certificates without charge to individuals. My own site on WebFaction has a StartSSL certificate. Some other CAs, including GlobalSign and GoDaddy, offer certificates without charge to open-source projects. The general process is as follows:
There's also Let's Encrypt, an automated way to obtain and renew domain-validated TLS certificates which any server administrator can install but which WebFaction has not yet decided to implement. answered 17 Feb '16, 15:43 pinop8 |