Tuesday, November 17, 2009

SSL Encryption is in at Nullshells Networks - Part 3

SSL Encryption is totally in at Nullshells Networks!

It's been almost a year since our first post about SSL Encryption here at NullShells and it's amazing how much changes in a year. Now we've decided on an SSL certificate authority for the main site... even though we do have some reservations. I still believe that browsers generally distort the user experience by labeling self-signed certificates as untrusted, and trusting corporate certificates from authorities. I think that this is all steeped in greed and the desire to manipulate people into paying for something that they can create themselves for free. Anyone can setup their own CA, when they don't want to make a self-signed certificate, they can do it the same way the trusted CAs do, and it still won't recognize your certificate as trusted in a browser.

The authority we decided on was AlphaSSL; we purchased an SSL certificate through Dynadot for only $12, that's $53 off the price through AlphaSSL directly. All in all this is a pretty reasonable price to allow our customers to avoid the annoyance of having to trust a self-signed certificate. In my opinion, this is a fair price considering the costs that are involved with creating a certificate authority and distributing certificates through the web. Overall this is a good value for both us and you. In addition to that, we found that the AlphaSSL certificates support many mobile devices that aren't supported through other websites!

If you've got your own website, you have web hosting with us, and you want SSL then we recommend you get one of these $12 certificates on your website too. Otherwise, you are still welcome to use our systems to generate a free self-signed certificate for your website. However, please note that in order to take advantage of your certificate on our hosting servers, you do need to purchase an IP for $2/mo. for your domain name. Once you purchase an IP you can use your self-signed or purchased SSL certificate on your website. You only need to contact us to have us add it to our our apache configuration file, or we request access to this file yourself.

Alternately, you also can use our shared certificate (self-signed) simply by enabling SSL through the checkbox in our control panel. Once you enable this you will have the shared SSL certificate we offer on the main IP for all of our websites on that server. As an example, below you can see what an SSL dialog looks like in the control panel for our main website at nullshells.net.

AlphaSSL SSL certificate should be supported as trusted by pretty much all browsers. If you have problems then we definitely want to know! So in the rare case that this happens, write us a detailed report of the problem (please include a screenshot) and mail it to [email protected].