Category Archives: Personal

TLS Certificate for personal use

Braved startssl.com for a certificate for a mail server for personal use.

I know maintaining a mail server for personal use is a bit keen these days. It has used a self-signed certificate for SMTP submission for a long time, but I wanted both the ease of users connection, and the improved security of using a properly signed certificate.

The startssl.com process is quite well done, and if you read and follow instructions closely it will just work. Having done it many times before with other providers it was a little painful, but all the odd turns you can make have been made and documented by startssl.com or their users so if you go wrong you can just search for the error.

Can’t say the process is any harder that with other providers, the only real oddity is having to use a client certificate for authentication, but I guess that resolve the weak password problem once and for all.

But being a bit geeky I now have a selection of 4 certificates for various personal bits, and the cost of doing this with the more expensive providers could rapidly outstrip the cost of the computing resources in use.