Re: Best type of SSL cert for my domain.

I use RapidSSL myself on a big website I manage.
But it costs money and is pretty cumbersome to setup if you have never done it before, especially to get an A+ rating on ssllabs test: https://www.ssllabs.com/ssltest/

That's why I recommended Let's Encrypt above, the main thing with it is that it will be very easy to get going, no mucking about required...

Re: Best type of SSL cert for my domain.

Yeah, most were over phone lines but some had telnet access. The software is going to take a long time. I was thinking of creating a support forum with relevant information and various files and then slowly work on the open source clone. I was hoping it'd give me an idea if anyone was still interested and maybe even find someone willing to help. For instance, I don't have any of the message database files. I was hoping some old JetBBS sysop had a backup copy lying around somewheres so I could analyze the file format.

The word on the street is at one point in time Troy Beckstrom, the original author, released a few header files on the message boards. I'd love to find them, if they really exist. I've successfully tracked down the registered version 1 - 5, (5 was the latest version, 5B was the freeware one, where no registration key was required). I'd love to find the shareware versions of the older ones as well and then the odd ball stuff, like the various patches that were released. I found someone that has some that's he's willing to give me, once he makes it home (which won't be any time in the near future I guess).

Re: Best type of SSL cert for my domain.

.

Re: Best type of SSL cert for my domain.

This is perfect Per Hansson! I found this:
https://letsencrypt.org/certificates/

I'm still a bit confused though as to how to actually set it up and everything. I have access to something called cPanel with GoDaddy. I also have shell access but it's limited. With cPanel, I can do more, like setup MySQL databases. Once I set one up through cPanel, I can manipulate it through the shell line. So I might have to setup the SSL stuff through cPanel as well. I gotta wait till December 3rd to get the SSL though because they're going public with the beta on that date, allowing the public to grab SSL certs.

I don't really understand what this stuff is on the site I linked too though:
Also a bit confused as how to actually get the SSL stuff using their tool, letsencrypt. For example, on the how it works page, I see this:
Does that mean I'll have to modify the Apache configuration file? I don't have write access to that, unfortunately. I mean if I run letsencrypt with the -d option, once it puts the cert in the current directory, what do I do with it? Maybe download it and use cPanel to configure it or something?

And what's the difference between the cert and the key?

Re: Best type of SSL cert for my domain.

I also found this on the cPanel stuff under SSL/TLS:
I think the Private Keys thing answers what I do with the key.pem file that letsencrypt will generate. I think the Certificate Signing Requests is what I will need to give Let's Encrypt when the 3rd comes around and I request an SSL cert and then once I get one, I just upload it using the Certificates option, right? Then somehow I have to tell it what domain / subdomain I want the cert for, because it's not a wildcard cert, right? So once I get my first cert all taken care of, I go to Mange SSL sites and add JetBBS.com and then if I setup downloads.JetBBS.com, I'd need to do the whole process over again but this time, for the subdomain, right?

Re: Best type of SSL cert for my domain.

cPanel?
you should have SSH and FTP/SFTP access to your root folder.

Re: Best type of SSL cert for my domain.

My domain is hosted on a shared server currently. I don't have root access. I do have SSH / SFTP / FTP access though. I have full read / write access to my home directory and then read access to most of the other directories. I appear to be in some sort of chroot jail. Symbolic links that should be valid are not and files are missing. I believe they do this for security so we do not have access to other people's files. Some very common Linux utilities are there but simply do nothing, others are completely missing.

I cannot modify any of the Apache / PHP / MySQL config files. cPanel is just a web-based GUI that gives me a bit more access than what I have with SSH. For example, I can add an SSH user account with cPanel, but not via the shell. I can turn FTP dameon on / off via cPanel but not via an SSH shell. I can create a MySQL user and give them access via cPanel but not via an SSH shell. If I upgraded to a dedicated virtual server, I would have root access. Linux would be installed on a PC in a virtual machine just for me. It would also be running other people's websites as well, in their own virtual machines. We would not have access to each others virtual machines though.

Right now, my website is hosted on one PC that has many websites owned by other people hosted, just we don't have full control over the server and cannot see each other. To do certain things, it appears we need to use cPanel.

Re: Best type of SSL cert for my domain.

sounds badly run, i'v seen virtual hosting using multiple home folders where everything does work.

Re: Best type of SSL cert for my domain.

I think it's more a security feature. Like I'm almost positive I'm in a chroot jail. But I do have a home folder. /home/sporkschivago. I'm the only user listed in the /home directory. I mean, because it's a shared virtual server, they can't really give me root access and cPanel must have access to certain programs that have the setuid bit set, so it has higher access than I do. I mean it does suck, but if I do want full root access, I can pay to get a dedicated virtual server or a dedicated server. This is what I pay and this is what I get with the Shared Virtual Server:
It's not so bad for the price I guess. I figured once I get the actual website built, maybe I could switch to a dedicated virtual server, where I'm root. I didn't know at the time when I got the domain that I could buy a domain without hosting. That's how little I knew about this stuff, or I probably would of done that!

Re: Best type of SSL cert for my domain.

wow. thats nearly tantamount to being in a degree mill, no offense. getting a degree in a degree mill without attending any classes is almost like attending class without learning or being taught anything. lol what university is that? i wanna matriculate in that university. easy come easy go.

the professor was right in making the students search for their own answers online tho. these days, i dont really see the actual practical merits of matriculating aside from bragging rights. with g00gle, youtube and wikipedia, the entire world is at your fingertips and u can practically learn how to do anything these days from the abovementioned big three. i foresee that sometime in the not too distant future, schools/colleges will just be obsolete and outdated. information/knowledge/skills will just be downloaded straight to the brain when u need to know how to do something. kinda like the matrix.

also, university is not the best place to acquire what really matters and what you really wanna know: the tricks of the trade. these closely guarded secrets can only be found by going out to experience the world for yourself. college is just the additional gear u bring along with you. college is not walking that journey for you. you will still have to walk that journey of a thousand miles yourself. only by walking can u find these secrets and even better, come up with secrets of your own and then it will be your turn to guard your own secret(s) jealously for it will be your livelihood.
i think the only thing the professor got into were the female students' pants. i had a case in my middle school before of a creepy teacher who was constantly casing the female (teen) students up and down and we had to wear uniforms over here! needless to say, i dont wanna know anything about the thoughts or fetishes going on in his head while he was casing the female students in uniform!

eventually, they (the female students) got sick and tired of it and banded together and complained to the principal and had the pervert teacher removed.

so in short, that thing called "tenure" and "lack of a replacement" is just bs... i just dont buy that lame excuse!

Re: Best type of SSL cert for my domain.

The college was Corning Community College. The professor is still there I believe. I don't agree with having us check the answers up on-line. They were CCNA tests and they not only showed that we understood the material but also that the teacher was properly teaching us the correct material.

I agree that experience in a real-world environment is more educational than any college can really be. There are places that require a certain level of education though, just for you to be able to turn in a resume. Corning, Inc is one of those places (for the computer department stuff at least). I tried applying and they said they couldn't accept it unless I had at least a bachelor's.

When you enroll in a college major that's based off the CCNA stuff, you kind of expect that at the end of paying lots of money, you'll be able to sit down and fully configure a Cisco router, you'll be able to setup firewalls, active domain, maybe some Linux servers, you know, just basic stuff. But when you pay all that money and you spend a full semester learning DOS commands, it's not gonna help keep that job you get as a System Admin, where you'd learn those harder lessons that can't be taught in school.

That story about the teacher and the girls is disturbing. I'm glad they were able to get him removed.

Re: Best type of SSL cert for my domain.

I was thinking of switching hosting sites. You were right, Stj, this one does suck! I tried upgrading to a dedicated virtual server, and everything was going good, at first. Then the tech rep said I wouldn't have root access, even though on their web page for dedicated virtual servers, they said I would! The tech rep said I'd need to go for a dedicated server, the cheapest would be over a grand a year!!!

I found this site:
http://www.server4you.com/vps#compare

It looks kind of good. I would want the Premium X8, only because it's the cheapest one that offers Stateful Packet Inspection. If the cheaper options on that site provided Stateful Packet Inspection, I'd go for one of those. I don't understand why they don't though. How freaking hard is it to setup a Stateful Packet Inspection firewall? Not very hard at all.

Anyway, 22.99$ a month and I get full root access, a dedicated 100Mb/s ethernet port, 600GB hard drive (or 300GB SSD), 10 virtual cores, 12GB dedicated RAM (18GB "Burst"), it's hooked up to a 550Gb/s backbone. I get unlimited bandwidth in the sense that my website won't shut down if it transfers a LOT of data (unlike GoDaddy's, who cheapest was 1TB / month). There's no way for me to tell how many servers are using that 550Gb/s bandwidth though, but still, that's a fairly high number. In Deposit, we had maybe a 2Gb/s backbone. It says each vServer is prepared for encrypted websites via SSL. I wonder if that means I get an SSL cert or if I can just set one up.

What do you guys think? This almost sounds way too real to be true. I can pick a server in the US of A or Europe. And I get a free dedicated IP address, where as with GoDaddy, I'd have to pay extra for a static IP address.

Re: Best type of SSL cert for my domain.

consider iceland as a hosting base too.

they are getting into remote hosting bigtime with new freedom and privacy laws after they overthrew their old shitbag banker-owned government.

Re: Best type of SSL cert for my domain.

I don't feel well, I gotta go lay down.

Re: Best type of SSL cert for my domain.

The server4you seems to have mixed reviews. All of them are either 5 stars or 1 star. Almost all the complaints seem to be around a lot of down time or basically no support at all. E-mails not being answered, tickets not being answered, support people being rude when they do answer or doing nothing for the customer. Servers being down for days at a time until the support finally realizes it's on their end and fixes the problem. Scheduled down times that are supposed to be for 4 - 6 hours but taking days instead. I think I'm going to avoid them.