www.startssl.com better than I thought

Started by Lazybones, April 07, 2013, 09:33:35 PM

Previous topic - Next topic

Melbosa

KeePass is handy for that.  I've also used LastPass and at my client sites I've been using TeamPass in a VM.  All great products!!!!
Sometimes I Think Before I Type... Sometimes!

Tom

Quote from: Lazybones on April 08, 2013, 06:10:06 PM
I use a keypass password database encrypted with a strong password stored and replicated via Dropbox . It supports file attachments so I keep a copy of the cert and its pass phase in there.

If all my client PCs are wiped out I just download keypass again (keep a copy in Dropbox just in case) mount my database and re-install the cert.
But how to you protect against the keepass db being lost or accessed? Gotta keep it in other locations, and secure it with more encryption!
<Zapata Prime> I smell Stanley... And he smells good!!!

Lazybones

Keepass databases are very secure and can take a very long passphase.

Dropbox leaves a copy of your DB local and in Dropbox.  It is unlikely you would loose access to both at the same time and also suffer a disaster event at te same time. Most of what I have in Dropbox is recoverable by some form of reset which is inconvenient   

Remember the suggestion was to have a way to recover your personal cer which will also be in your browser or OS key store for daily use.  You would have to loose your local key store, local Dropbox and online Dropbox all at the same time to have lost the key for good.

Lazybones

So I logged in to renew my cert (personal key for the site worked perfectly) and screwed up during the signing process loosing private key.. Turns out there is a $24 USD revocation fee on the free certs...

It is actually cheaper for me to pay for a new cert with unlimited revoke from another provider than to revoke my free one... BOO so much for free.

Guess I will use the fairly cheap basic SSL service from domainsatcost.ca .

Melbosa

Sometimes I Think Before I Type... Sometimes!

Lazybones

Quote from: Melbosa on March 31, 2014, 01:12:02 PM
Company has to make monies somehow :P

If their revoke fee is higher than the UNLIMITED revoke that comes with a new service offered by MANY competitors they are doing it wrong.  If revoke was cheaper than a full cert (elsewhere) I would have just revoked. IE this actually cost them money as their PAY service is more expensive than many others.

Melbosa

Whatever... they are still in business so they have to be doing something that people pay for ;).  At least you found out why to go somewhere else :D.
Sometimes I Think Before I Type... Sometimes!

Lazybones

Quote from: Melbosa on March 31, 2014, 01:27:48 PM
Whatever... they are still in business so they have to be doing something that people pay for ;).  At least you found out why to go somewhere else :D.

Point was they failed on conversion which is a major topic in retail and online business. If they where smart they would have had an automatic option that on the free service the revoke link triggers a one time promo code to get FULL service CHEAP, thus getting money, and drastically increasing the chance I would just renew with them in the future.

Amazon and several other online retailers to a great job of this.

Tom

I find their setup is just annoying enough to just make me buy a cert from namecheap.
<Zapata Prime> I smell Stanley... And he smells good!!!