> > > Chris Owen wrote:
> > > >
> > > > We've used Stronghold for the past 2 years, but frankly I'd much rather
> > > > use plain old apache-ssl. However, there is the Verisign certificate
> > > > problem.
It gets a little old installing an entire bodily copy of SSLeay, Python,
swish, wwwais, admin servers, and god-knows-what-else every time you want
to enable SSL on a server. I'm pretty sick of it too.
Ben sez:
>
> Yeah, well - Apache-SSL-US is not Apache-SSL. And I'm not C2NET. Still,
> if VeriSign's sales droids want to compromise their position, who am I
> to complain?
Nevertheless. I'm pretty much switching our ops to Thawte except in cases
where customers specifically request it. Verisign also makes it a royal
pain to administer large quantities of certificates as a hosting company
or ISP. The renewal process is every bit as excruciating as the
certification process . . . it's a little hard for me to figure out what
I'm paying Verisign's usury rates for when my own staff has to do all the
research and substantiation legwork.
SOAPBOX=off;export SOAPBOX
- Rob