Categories
english OnlineLife Net Webapps

Cheap and Free SSL/TLS Certificates…

I recently was pointed to a website where one can get really cheap SSL certificates (Danke Oliver).
They sell certificates, signed by GeoTrust, Comodo, RapidSSL, Thawte and Symantec. As CheapSSLSecurity is a major reseller they can offer a really low price. If you take a 3 year certificate you get as low as 5$/year.

I am aware that there is an offer for FREE SSL Certificates out there. The drawback is however, that they are free to get, but cost 25$ to be revoked.

There are also efforts on the way to make encryption free and easy to use: Let’s Encrypt is a free and automated open-source certification authority. Their plan is to offer free certificates in summer 2015.
If you can wait for this service, it should be the cheapest option. To learn more about Let’s Encrypt, watch the talk that was given at 31c3 (icon-magnet magnet link).

And of course there is CAcert. They are a community driven assurer, which I’ve been using for many years. They however did not yet manage to be included in popular web browsers. Using their certificates will likely trigger warnings with normal desktop setups. Their certificates are free and depending on your involvement they grant certificates for up to two years.

Personally I’m using CAcert for most certificates, but whenever a broader audience should be able to connect without warnings these certificates become combersome. This blog is using a Comodo certificate via cheapsslsecurity.

Update 2015-01-03 14:00: added the Let’s Encrypt video from 31c3.

Update 2015-01-16 12:30: A user comment pointed at www.cheapsslshop.com, which seems even cheaper at $3.5/year, with a new years discount code (“CMDXMAS50”). Thanks.

Update 2016-02-04 07:30: Let’s Encrypt is issuing for a few weeks now, and they just issued their 500.000th certificate today.

Categories
english Howto Software

Adding SSL to transmission’s web interface…

If you’re using transmission’s web interface to manage your torrent downloads, and you are doing this remotely (from outside your LAN), you might want to add some privacy.

As previously posted there are ways to use magnet links with transmission’s web interface. This webinterface works well when you are on your local network aka LAN and don’t have to fear prying eyes.
The moment you’re using the transdroid android app or your laptop in a coffee shop the commands and responses of your transmission daemon at home can be read by anyone.

Luckily the transdroid android app offers an SSL option. All you have to do is configure a proxy on your transmission daemon machine.

Here is how:
Install nginx (a lightweight http/https server):

1
apt-get install nginx