On Wed, Jun 15, 2016 at 10:02:57AM -0500, Valeri Galtsev wrote:
On Wed, June 15, 2016 9:17 am, Warren Young wrote:
Nowadays it's quite easy to get normal ssl certificates for free. E.g.
Today, I would prefer Letâs Encrypt:
It is philosophically aligned with the open source software world, rather than act as bait for a company that would prefer to sell you a cert instead.
I have got question for experts. I just opened settings of Firefox (latest, on FreeBSD), and took a look at the list of Certification Authorities it comes with.
I do see WoSign there (though I'd prefer to avoid my US located servers have certificates signed by authority located in China, hence located sort of behind "the great firewall of China" - call me superstitious).
I do not see neither starttls.com nor letsencrypt.org between Authorities certificates.
I'm not an expert by any means, but I use letsencrypt (mostly for testing) and it's always worked for me in FreeBSD with Firefox, without any special effort on my part. You can try https://srobb.net which is using letsencrypt as its cert.