I really need to use SSL in my socket server\client communication, but paying for a certification is too overpriced for me 🙁 I can’t afford a paid certification.
[Note]: my program will be publicly released, so I want to secure my program's communication with my server.
The question is: is it possible to use SSL\TLS for free in an effective [without security risks] way, because I can’t afford paid certificates…?
Yes it is. Buying certificates from a trusted CA (e.g. Verisign) makes your server trusted by all browsers without any manual action.
If you own both the client and server and you are using SSL you can create your own certificates (or get free ones) and install them to all clients as trusted (in an off-line process).
The only part that relates to security now is the key size. It should be at least 2048 bits.
But there is one catch. If you create your own certificates you need to be careful what extensions you set so that you don’t have any issues during deployment. The CAs know how to create X509v3-compliant certificates to be accepted by all browsers (libraries) without any issues.
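
The approach in the answer above, as an added example that is not part of the original post: a private CA and one server certificate created with the `openssl` command-line tool, with 2048-bit RSA keys and the X509v3 extensions set explicitly, followed by a check to run before deployment. The CA name, host name and file names are assumptions for illustration.

```shell
# Added example: private CA plus one server certificate, extensions set explicitly.
# CA name, host name and file names are assumptions for illustration.
make_pki() {
    dir="$1"; host="$2"
    mkdir -p "$dir" || return 1
    # Minimal request config so the result does not depend on the system openssl.cnf.
    cat > "$dir/req.cnf" <<EOF
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = example-private-ca
[v3_ca]
basicConstraints = critical, CA:TRUE, pathlen:0
keyUsage = critical, keyCertSign, cRLSign
EOF
    # Leaf extensions: not a CA, server authentication only, host name in the SAN.
    cat > "$dir/server.ext" <<EOF
basicConstraints = critical, CA:FALSE
keyUsage = critical, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = DNS:$host
EOF
    # 1. CA key and self-signed CA certificate; ca.crt is what ships with the client.
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 3650 \
        -config "$dir/req.cnf" -keyout "$dir/ca.key" -out "$dir/ca.crt" 2>/dev/null || return 1
    # 2. Server key and signing request (-subj replaces the CN from req.cnf).
    openssl req -new -newkey rsa:2048 -nodes -sha256 -subj "/CN=$host" \
        -config "$dir/req.cnf" -keyout "$dir/server.key" -out "$dir/server.csr" 2>/dev/null || return 1
    # 3. The CA signs the request and attaches the leaf extensions.
    openssl x509 -req -in "$dir/server.csr" -CA "$dir/ca.crt" -CAkey "$dir/ca.key" \
        -CAcreateserial -sha256 -days 365 -extfile "$dir/server.ext" \
        -out "$dir/server.crt" 2>/dev/null || return 1
}

# Pre-deployment check: chain, purpose, SAN, key size and CA flag of the issued certificate.
check_server_cert() {
    dir="$1"; host="$2"
    openssl verify -CAfile "$dir/ca.crt" -purpose sslserver "$dir/server.crt" >/dev/null 2>&1 || return 1
    text=$(openssl x509 -in "$dir/server.crt" -noout -text) || return 1
    printf '%s\n' "$text" | grep -qF "DNS:$host" || return 1
    printf '%s\n' "$text" | grep -qF "2048 bit" || return 1
    printf '%s\n' "$text" | grep -qF "CA:FALSE" || return 1
}
```

Only `ca.crt` is installed on the clients as the trusted root; `ca.key` stays off-line and `server.key` stays on the server, both written unencrypted here because of `-nodes`.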