I have been browsing around the various Certification companies, trying to locate the best deal. I would be interested in hearing if anybody has found a cheap and reliable source. Thawte and Verisign seem pretty expensive.
Do remember that most clients will probably not have a Digicert CA root certificate in their "trust store" unlike Verisign and Thawte certificates, which may or may not be of significance to your particular application.
Originally posted by Lasse Koskela: Do remember that most clients will probably not have a Digicert CA root certificate in their "trust store" unlike Verisign and Thawte certificates, which may or may not be of significance to your particular application.
I can't resist the urge to reply. I want to correct the statements above, as DigiCert issues a fully trusted certificate. Your users will not be required to load a certificate. Here is a link to one of our secured pages so you can see for yourself (use any browser you wish) that our certificates are fully trusted (you will notice no popup warnings - click and view the lock): https://www.digicert.com/order/orderform.php?hProdID=1
Below I have included some information which I hope will be helpful.
DigiCertSSL Certificates are Trusted by over 99% of all major browsers, comprising Internet Explorer 5.00 and above, Netscape 4x and above, AOL 5 and above and Opera 5 and above and comes pre-installed with all Windows 98SE, Windows ME, Windows 2000, Windows XP, Mac OS 8.5, Mac OS 9.x, Mac OS X operating systems. We use strong 128 Bit Encryption technology (which is currently the highest level of encryption used in current browsers).
Installation is simple, however we provide 24/6 free phone, email and live support if needed (including International phone support). We also provided a 100% Unconditional Money Back Guarantee for 30 days and Free Reissues for 90 days (from time of purchase). We follow strict validation practices, however based on our procedures and allocated resources; we can normally complete vetting within 1 hour from receipt of application/order (which means most of our certificates are issued in 1 hour).
DigiCert supplies certificates to small, medium and large Corporations (including fortune 500 Companies), Non-Profit Organizations, State & Federal/National Government Agencies and Banking/Educational/Medical Institutions. Approximately 30% of our business is International.
Executing this piece of code, it looks like DigiCert is not among the built-in trusted certificate authorities for my Sun JDK 1.4.2.
The CA's the above program found included: - Thawte - Equifax - CyberTrust - RSA Data Security - Entrust - Verisign - GeoTrust
Unless DigiCert is one of these, I stand by my words. Even if the DigiCert certificate comes built-in to web browsers, that doesn't help much a web service developer whose service is invoked using Java, not a browser...
Joined: Sep 17, 2004
Yes your list is true but if you look at our certificate it is generated from the GTECyberTrustGlobalRoot. So it will not be listed as DigiCert in the trusted root store.
Again our certificate is fully trusted.
Joined: Jan 23, 2002
Ah. I see. I stand corrected.
Author and all-around good cowpoke
Joined: Mar 22, 2000
Thanks, Chuck - Digicert is looking like a good deal. We ranchers hope you will be sticking around to help with the security questions that come up from time to time on various forums. Bill