PHP and SSL Certificates

182x

Hey guys,

I was just wondering about SSL certificates on a PHP website. I know very little about SSL and I was just wondering is it possible to develop my own SSL certificates or do they have to be purchased from someone like verisign?

Thanks.

etully

You can make your own - and your web site will be 100% secure - but people who visit your web site will get a warning message telling them that you made your own instead of buying one from a CA. If you buy one from Verisign or Thawte, there will be no warning message. The certs from Go Daddy don't have the browser compatibility (so they cause warning messages to come up in people's browsers) but they do have 100% of the encryption protection.

182x

Thanks for the reply, I am currently using PHP, apache, mysql setup. Do you know what additional tools would be required in-order to develop my own?

I was also wondering if you would recommend in general is it better to buy them rather than develop them?

thanks.

MarkR

If you make your own SSL certificate, it will (probably) not be trusted by users.

This means they'll get all sorts of warnings, and it will probably make them believe your site is illegitimate hence they'll be much less likely to buy from it.

You have to buy a proper certificate.

However, the cost of a certificate is minimal compared with the cost of developing / maintaining a secure site such as a shop.

Mark

etully

If you make your own SSL certificate, it will (probably) not be trusted by users.

Not everyone has web sites where the general public are invited. Sometimes they are for friends only. In this case, you should use a proper self signed cert which gives you 100% of the security and 0% of the cost of a cert signed by a company like Verisign or Thwate.

You have to buy a proper certificate.

If you make your own cert, it is proper. That is, if you make your own, your site gets exactly the same level of security of a cert purchased from Verisign or Thawte.

Mark R is right though: If you are setting up an online store where you will be accepting credit cards, then you do need to purchase a cert signed by Verisign or Thawte. Do not buy one from GoDaddy since they aren't trusted by lots of web browsers.

You can make your own cert with openssl. If you are setting up a web site that takes credit cards, then buy your cert from Thawte.