Security and privacy

 
 
Picture of Tim Childe
Re: SSL Certificate for Moodle
 

One idea that just came to mind... has anyone had experience using a self signed certificate??

 

Free, but a hassle for the users.  My users wouldn't need the 3rd party trust for the site as it will be a private invitation only site anyway, just need some encryption to protect the data and to prevent hacking.

 
Average of ratings: -
Picture of David Perry
Re: SSL Certificate for Moodle
Group Testers

If using shared hosting you're pretty much dependent on them anyway (unless it's Apache hosting and you can put your certificate stuff in .htaccess? Not tried).

If cost is that much of an issue, and you can't pass it on through what you're charging users, find a host that's cheaper on SSL? But you want reliability, so might have to bite the bullet. If it's education, you can probably get it cheaper but depends if you can send the hosting outfit a pre-purchased certificate package.

 
Average of ratings: -
Picture of Tim Childe
Re: SSL Certificate for Moodle
 

Can't pass on the cost, as the main use is for a charity that maybe able to justify the cost if it gets used, but is only just looking at a pilot roll out at the moment.

(I'm the treasurer of the charity, so I know there's no spare cash wink  )

I may contact my host as providing a 'one click install' package of software in a manner that is inherently insecure and so not fit for purpose is a bit naff.  Hopefully I'm missing something.

 

 

 
Average of ratings: -
Picture of Gian van der Spuy
Re: SSL Certificate for Moodle
 

I am using moodle on a Scientific Linux server (RHEL clone) with a self-signed certificate without any problems. The only difference is that the first time someone visits a secure page on my server, they have to download the certificate and allow a certificate exception in their web-browser.

 
Average of ratings: -
Picture of Howard Miller
Re: SSL Certificate for Moodle
Group DevelopersGroup Documentation writersGroup Particularly helpful Moodlers

Of course, a big part of using a 'real' certificate is that it confirms that you are who you say you are. A self-signed certificate still could be anybody. That (supposedly) is what you are paying for from the certificate issuer. 

 
Average of ratings: -