WebFaction
Community site: login faq
1
1

I need to get rid of the "This site is insecure" message when you visit the HTTPS version of the site, because the cert is for *.webfaction.com and I'm using a custom domain. I've been reading the docs to try to understand what I need. Are all of these steps mandatory in the process? I need to serve the site over HTTPS and I want the error to go away in Chrome & Firefox.

  1. Generate certificate
  2. Pay for dedicated IP from Webfaction
  3. Register with certificate authority
  4. File a ticket with Webfaction to recognize the certificate

Can you recommend a good, cheap certificate authority? Do I need to complete all of those steps above?

asked 19 Jun '11, 11:30

kevinburke's gravatar image

kevinburke
2711015
accept rate: 0%


Can you recommend a good, cheap certificate authority?

Most of our customers tend to use GoDaddy for the certificates. I'm not 100% sure if it's the cheapest but it's definitely the most widely used (for us).

Do I need to complete all of those steps above?

Yep.

After you get your certificate, just open a ticket and we'll do the rest.

permanent link

answered 19 Jun '11, 11:49

David%20L's gravatar image

David L ♦♦
1.4k13
accept rate: 45%

I realize this is a four-year-old thread, but it's still relevant… I was just searching for the same info. I managed to find an AlphaSSL wildcard SSL certificate from a reseller called ssl2buy.com for US$42. Because of the price I was skeptical, but it has been installed on my WF account and is working fine across all the subdomains and in different browsers (Chrome, Safari, Firefox, Opera). So that's how I got around the browser warning problem. I have no connection to ssl2buy.com or AlphaSSL.

(And you no longer need a dedicated IP address for this.)

permanent link

answered 04 Aug '15, 14:36

PeterA's gravatar image

PeterA
1042519
accept rate: 14%

edited 04 Aug '15, 14:39

Two certificate authorities, StartSSL and WoSign, offer domain-validated TLS certificates without charge to individuals. My own site on WebFaction has a StartSSL certificate. Some other CAs, including GlobalSign and GoDaddy, offer certificates without charge to open-source projects.

The general process is as follows:

  1. Make a 2048-bit RSA private key using a tool such as OpenSSL.
  2. Generate a CSR (certificate signing request) which contains the corresponding public key.
  3. Give that to the CA.
  4. Verify control of the domain. (Some CAs, such as StartSSL, may place this step before step 3.)
  5. Download the certificate.
  6. Open a support ticket with WebFaction to get it installed.
  7. Repeat the process a year later.

There's also Let's Encrypt, an automated way to obtain and renew domain-validated TLS certificates which any server administrator can install but which WebFaction has not yet decided to implement.

permanent link

answered 17 Feb '16, 15:43

pinop8's gravatar image

pinop8
1313
accept rate: 0%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×79
×68
×26

question asked: 19 Jun '11, 11:30

question was seen: 3,322 times

last updated: 17 Feb '16, 15:43

WEBFACTION
REACH US
SUPPORT
AFFILIATE PROGRAM
LEGAL
© COPYRIGHT 2003-2016 SWARMA LIMITED - WEBFACTION IS A SERVICE OF SWARMA LIMITED
REGISTERED IN ENGLAND AND WALES 5729350 - VAT REGISTRATION NUMBER 877397162
5TH FLOOR, THE OLD VINYL FACTORY, HAYES, UB3 1HA, UNITED KINGDOM