i want to get a useful SSL certificate for my personal webserver.
(and have customers who would like to do so as well).
i've talked to cibc.com/verisign, the canadian verisign affiliate, and they
tell me they can only do certificates for registered businesses.
i'm currently on hold with verisign USA waiting to talk to someone there,
but figured i'd punt the question here.
Try Thawte. Although they're owned from Verisign, they have very different
processes and policies, and are a little more accomodating.
Simon
> i want to get a useful SSL certificate for my personal webserver.
> (and have customers who would like to do so as well).
>
> i've talked to cibc.com/verisign, the canadian verisign affiliate, and they
> tell me they can only do certificates for registered businesses.You may want to give equifax a shot (http://www.equifaxsecure.com/). They
have a "Non-Government Organization" category, which requires letterhead
from the CEO of the company confirming proof of right. They also have the
mondo-spiffy wildcard caertificates (cert works for *.domain.dom).
while it would be trivial for me to go out and register "Jim Mercer & Company"
as a proprietorship ($50 CDN registration fee for 5 years i think), i fail
to see why this is necessary.
a person is a business, in that it is a taxable entity, can incur debt, etc,
etc, etc.
should a copy of my passport not suffice?
as a follow-up, i eventually ended up talking to the Toronto office of Thawte,
and they will accept:
- passport/drivers license
- bank statement, tax roll notice or other paper showing address and
"existence"
- paper letter from the admin contact of the domain deeming the individual
as responsible for the SSL certificate (if the individual's name does
not appear as the "owner" of the domain).
after some discussion, it was agreed that a passport would double both as
verification of ID, as well as certification of recognition by an outside
entity (ie. the government).
as such, i can likely get an SSL certificate with just my passport, drivers
license (as a secondary piece of documentation) and a letter deeming me as
responsible for the domainname (as my name does not actually exist as the
registrant, but i am the admin contact).
There's also www.freessl.com, but their cert only works with IE5.01 or
better.
is netscape going to add them as a default as well?
as such, i can likely get an SSL certificate with just my passport, drivers
license (as a secondary piece of documentation) and a letter deeming me as
responsible for the domainname (as my name does not actually exist as the
registrant, but i am the admin contact).
a letter from whom to whom? a company that places faith in a letter
they ask you to write yourself is just poor in my eyes.
me: i need to do so-and-so.
them: and how do we know you're qualified to do that?
me: i have a letter that i wrote to myself that says i am.
them: oh, very well.
sounds...flimsy.
yes/no.
this is standard practice for the domain registrars, and other elements of
business.
i'm often required to send a letter on "letterhead".
i don't have letterhead, let alone an identifying logo for any of my companies.
so, i just put the company name in big letters at the top of the letter,
date it, sign it.
valid SSL certificate
> > i want to get a useful SSL certificate for my personal webserver.
> > (and have customers who would like to do so as well).
> >
> > i've talked to cibc.com/verisign, the canadian verisign affiliate, and
they
> > tell me they can only do certificates for registered businesses.
>
> You may want to give equifax a shot (http://www.equifaxsecure.com/).
They
> have a "Non-Government Organization" category, which requires letterhead
> from the CEO of the company confirming proof of right. They also have
the
> mondo-spiffy wildcard caertificates (cert works for *.domain.dom).
while it would be trivial for me to go out and register "Jim Mercer &
Company"
as a proprietorship ($50 CDN registration fee for 5 years i think), i fail
to see why this is necessary.a person is a business, in that it is a taxable entity, can incur debt,
etc,
etc, etc.
should a copy of my passport not suffice?
as a follow-up, i eventually ended up talking to the Toronto office of
Thawte,
and they will accept:
- passport/drivers license
- bank statement, tax roll notice or other paper showing address and
"existence"
- paper letter from the admin contact of the domain deeming the individual
as responsible for the SSL certificate (if the individual's name does
not appear as the "owner" of the domain).after some discussion, it was agreed that a passport would double both as
verification of ID, as well as certification of recognition by an outside
entity (ie. the government).as such, i can likely get an SSL certificate with just my passport,
drivers
Lets try that one again, this time replying to the message 
> There's also www.freessl.com, but their cert only works with IE5.01 or
> better.is netscape going to add them as a default as well?
They (FREE SSL) claim that IE 5.01 has 70% penetration. Anyone agree with
that number?
<PRE><!-- for those mail clients that will try to read this as html>
<HTML>
<BODY>
<H1><font face="Arial,Helvitica" color="blue"><i>Microsoft</i></font>
<font face="Arial,Helvitica" color="black" >1 Microsoft Way <BR> Redmond, WA</font>
</BODY>
</HTML>
</PRE>
Like Magic, there's the Microsoft Logo (roughly). Just make one up.
Curtis