Avoid GoDaddy SSL Certificates

[McMac]

Avoid GoDaddy / Starfield SSL Certificates if you plan on catering to Mac customers. I know I have tried it.

Despite claims on their (godaddy / starfield) websites, you cannot use these certificates with the following browsers:

- Safari (Mac)
- Internet Explorer (Mac)
- Mozilla (Mac)

The certificate will work on a pc fooling you into thinking it will work for your Mac customers too. But, if your Mac customers use any of the above browsers (which is almost every one of them), they will get the "can't verify the identity of this website" message, and your customers will not trust your certificate.

Godaddy certificates (the cheaper turbo ssl ones), use chaining technology which requires a hosting web server to be SSL version 3 or greater. This too can cause compatibility issues. You see, on the PC (and in linux) most browsers ship with a fairly large number of root certificates "pre-authorized". This greatly reduces the chance of an SSL certificate not becoming validated when the browser checks it out. On Mac this is not necessarily the case.

To prove this open up Firefox on Mac and visit a site which is secured by one of these turbo ssl certs. It will most likely work, when the other mac browsers do not. This is because it has the Valicert certificate pre-shipped with it, and doesn't suffer the same authorization and / or chaining issues.

Now I will admit I am a beginner with this, and I am only speaking from my latest experiences. I'd love to hear to the contrary for my own education.

But my advice for now if you have doubts and want to avoid the hassles is thus:

Avoid godaddy / starfield certificates if you wish to cater to Mac customers.

[McMac]

Just to post a follow up to this.

www.freessl.com (a GeoTrust company) have a cheaper certificate which is not chained and the give you an extra two months when you make a purchase. Also, you can try their certificate for 30 days completely for free. This allows you to see if it works to you liking and actually does what it is supposed to do. I did this today, and I have a ticket in with the Micfo techs right now to update this certificate to the full StarterSSL.

All of their certificates work on the popular Mac browsers, even though they do not advertise this ( they should ). I have personally tested their freeSSL and soon StarterSSL on my micfo account with:

IE (Mac and PC)
Firefox (Mac and PC)
Safari
Mozilla (Mac, PC and Linux)

That alone covers a huge chunk of the browser market and any potential customers to your secure store.

The only small point I have with StarterSSL, is their web seals look a bit amateurish compared to others. Not such a big deal when their certificates offer excellent compatibility.

If you have any questions about my experiences with either Godaddy / Starfield or Geotrust / FreeSSL, i'd be happy to answer the best I can. Send me a private message.

[linasgricius]

How to activate SSL on my account? I've already uploaded SSL Certificate (CRT) to my hosting web server. Have I to do more smth or... ?

[McMac]

Hi LG,

Honestly, I would submit a ticket for installing an SSL certificate. It may not be as simple as using the installer in cPanel in each case. Also, it may be better the Micfo techs generate your CSR.

I put the techs through 2 or 3 days of hell with the GoDaddy certificate fiasco, and they were very accomodating and helpful.

[web-content-king]

This still the case with Godaddy certs not working on Macs? Or have they been updated? When will they be updated in the browsers...is this one of those things that happens with automatic update?

Thanks

Joel

[McMac]

Joel,

As far as I know they have not changed cert providers, and despite what they say, they were not good for Mac when I tried them.

Furthermore, why risk it? Go and get one which works for sure and is not chained.

[racegun]

I have found an firm who make free SSL Certificates.

They are only for secure connections.

I have got one and installed it it works for me .

Tested the page with Netscape Mozilla, Konquer and Firefox it is accepted.

https:// cert.startcom.org/

try it out read the page and tell me if this is all you need.

[certguru]

Just noticed this old thread and wanted to clear something up: Go Daddy SSL certificates (https://www. godaddy.com/gdshop/ssl/ssl.asp) do work with Safari, IE, and Firefox without throwing any errors. If you want to be sure, just visit the link above in any of those browsers.

Sounds to me like the original poster didn't have their cert installed correctly.

[JohnS]

Possible. But this thread is also 3 years old and I can't see how we can verify either statement so far on :-)

[drachma]

Godaddy certificates are just like rapidSSL etc. They use an intermediary root and I believe is called a chained SSL. They do work for 99% or so # of browsers because the very root CA is a primary trusted root.

The only complexity being installing the certificate on domains requires an additional cert? file to be linked to it. Generally that cert file is provided from the moment your SSL purchase is authorized.

[GhostRider2110]

Since we are on the topic of Godaddy CERTS. Has anyone have any experience with the Godaddy multiply subdomain cert? I am looking into these. They sound great for where I work. Since we have many systems now we currently use self signed certs which is fine as long as the students apply our root CA. We want to get out of that and the multi-subdomain cert SOUNDS perfect... Just wondering any real world experience.

--Mitch

[GhostRider2110]

Found this thread about wildcard certs:

http://mcmanus.typepad.com/grind/200...l-madness.html