Free SSL certificates will be supported in IE/Windows [Update]

August 21, 2009

In the StartCom Blog the head of the company writes that its CA will be included by Microsoft. He states, “Starting approximately the 22nd of September, Microsoft intends to distribute a non-security update package to the Windows operating systems which includes the trusted StartCom root certificate and the automatic root certificate update service will update the cryptographic certificates root store on those systems whenever a StartCom issued certificate is encountered.”

Why is this worth reporting? This CA is with the above mentioned date the first CA which provides a Free SSL certificate which is supported by Microsoft and therefore by all Internet Explorer browsers. Sure this is “only” a SSL certificate which only assures the domain name or email address, but this is much more than now. You find many small mail servers where the webmail/IMAP/POP3/SMTP or a small homepage for a few users is self signed. All these can now be protected much better, the only problem seems to be that the CA is not supported by Firefox and other open source players. The other authority I know which provides free SSL certificates is CAcert. They are much stronger in the open source world, but with the inclusion of the StartSSL CA by Microsoft, they will have a much lower install base of browsers than StartSSL.

[Update] Mozilla and Apple support this CA for years already. My error – sorry. So these Free SSL certs are really something for a small website or mail server.[/Update]

3 Comments »

RSS feed for comments on this post. TrackBack URI

  1. Hi Robert,

    I’ve come across your nice article here and wanted to inform you that the StartCom CA is supported by Mozilla and Apple already for years. Microsoft is really closing the gap which remained.

    This wasn’t made too clear in the article because my audience usually knows about that. I hope that this clarification helps.

    Comment by Eddy Nigg — August 22, 2009 #

  2. Hi Eddy,

    Thx, I’ve updated the blog post. My problem was that there was nothing on your Homepage (startssl.com) witch states with browsers have build in support for your CA. Maybe you could add this, or make it easier to find if I was only not able to find it.

    Comment by robert — August 22, 2009 #

  3. Yes, Robert, we’ll do this very soon. Incidentally we removed this page not long ago from our “old” CA web site. Thanks for updating your post above and enjoy the free certs 😉

    Comment by Eddy Nigg — August 22, 2009 #

Leave a comment

XHTML: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Powered by WordPress
Entries and comments feeds. Valid XHTML and CSS. 74 queries. 0.218 seconds.