[Cialug] Now 1 day: Re: 87 days to go. Cert recommendations?

[Paul Gray]

Just wanted to bring closure to the topic that started 85 days ago.

If you recall, I was working with a small business that required
certificate-based imap/pop/smtp encryption that wasn't based on a
self-certified cert.

I found Comodo's "free for 90 day" certs, and put one in place while I
pursued my options.

Thanks to all that replied.  I ended up going with the 100% FREE (limit
1) cert from StartSSL.  It took a bit of persistence to get through the
free certificate signup (they close the application pages when the queue
gets too long), but I secured one about a month ago (and procrastinated).

The StartSSL cert was put in place today, with the only hickup was
getting the host certificate, the priv key, and the CA bundle in the
correct order in the bundle file used by Courier IMAPs/POPs.  Trial and
error (and watching the logs) produced the solution.

The transition from the Comodo bundle to the StartSSL bundle was
completely transparent, and no cert warnings were thrown even when the
cert presented to the client changed.

-- 
Paul Gray                                         -o)
314 East Gym, Dept. of Computer Science           /\\
University of Northern Iowa                      _\_V
 Message void if penguin violated ...  Don't mess with the penguin
 No one says, "Hey, I can't read that ASCII attachment ya sent me."