The problem with using CAcert’s digital certificates

Nothing drives away visitors to a website faster than seeing a warning message that informs them that the site or page they clicked to visit is not trusted.

It’s a guaranteed traffic killer. No Web publisher wants visitors to see that type of message. But that is exactly what they will see if the publisher uses an SSL certificate issued by CAcert.

Why? Because nobody that matters in the industry seems to trust CAcert as a Certificate Authority. If you are wondering who or what CAcert is, it is a “community driven Certificate Authority that issues certificates to the public at large for free.” And their goal is to “promote awareness and education on computer security through the use of encryption, specifically with the X.509 family of standards.”

The problem, as stated earlier, is that browser vendors do not ship CAcert’s root certificates by default. Why? It’s a long story, but the gist is, they don’t trust the certificates. So if you are a Web publisher and are considering a CAcert-issued digital certificate, do yourself a favor and get one issued by a trusted certificate authority. Yes, they cost money, but the traffic (and money) you lose from scared visitors could be more than you spend for a commercial certificate.

I decided to write this article after I saw the usual “invalid certificate warning” when attempting to visit OpenMandriva’s wiki page. Yes, you may opt to add an exception to the certificate, but most users, including this author, will simple click the back button or close the browser tab or window.
CAcert ssl root certificate

With its bright-red background, the warning looks even more ominous if you tried to visit the page using the Chromium browser. So whoever is in charge of OpenMandriva, here’s a friendly message: Please get a digital certificate from a trusted source.
CAcert untrusted digital certificate Chromium

Related Posts

Catching Video Pirates: Invisible DNA-Like Fingerprint on Video Assist Law Enforcement You know when you're watching a pirated film downloaded from the Internet -- there's no mistaking the fuzzy footage, or the guy in the front row getti...
Short, on-Chip Light Pulses Will Enable Ultrafast Data Transfer Within Computers Electrical engineers generated short, powerful light pulses on a chip -- an important step toward the optical interconnects that will likely replace t...
The most affordable FreeBSD-supported Cloud/VPS hosting providers Looking for a Cloud/VPS hosting provider that supports FreeBSD? Your search is more than half way done. That's because I have gone through the off...
Firefox OS: One more for the road Choice, as they say, is a good thing. Or you can never have too choices. In the mobile device operating system space, there are plenty to choose from,...
Dark Mail Alliance aims to offer Email 3.0, with built-in end-to-end encryption Dark Mail Alliance, co-founded by Lavabit and Silent Circle, aims to create an open source email protocol and architecture that has end-to-end encrypt...
FreeOTP now vailable for Android. Install it from Google Play FreeOTP is now available for Android and can be installed from Google Play. FreeOTP, which is based on open standards, is a "multi-factor authentic...

We Recommend These Vendors and Free Offers

ContainerizeThis 2016 is a free, 2-day conference for all things containers and big data. Featured, will be presentations and free, hands-on workshops. Learn more at ContainerizeThis.com

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.


One Comment

  1. Oydenos recommends Perspectives.

Leave a Comment

Your email address will not be published. Required fields are marked *

*