Neil Turner's Blog

Blogging about technology and randomness since 2002


SSL secured message in Firefox

One of my first projects after moving to the new server was to sort out a SSL certificate. Until now, any secure connections to this site have been using a ‘self-signed’ certificate which brings up big red warnings in most web browsers. Which is fine for me as I know I can ignore the warnings, but not ideal.

However, Google is (rightly) making HTTPS sites rank slightly higher in its results pages. So having a proper SSL certificate verified by a third-party is now more important, and not just because it offers better security to your users.

Two things were holding me back from getting a certificate in the past: the need to have an extra IP address, and the cost.

Extra IP address

Traditionally, if you want a SSL certificate for a particular domain, that domain would need to have its own, unique IP address. This was something that my host offered, but only by raising a support ticket and having it added manually. On the new BigV platform, I can easily add up to four IP addresses, allocate each to a domain name and set the reverse DNS. More IP addresses are available if needed, but on a request basis – after all, there aren’t many spare IPv4 addresses left.


I also had it in my head that SSL certificates were expensive – I was expecting at least £10 per month. As I’m saving £6 per month on my new hosting package, I decided to spend some of that saved money on an SSL certificate. Richy recommended Xilo to me via Twitter, and they offer SSL certificates for £16 per year – which is much cheaper than I expected. Xilo are a Comodo re-seller.

Setting up the certificate was really simple – it took me around 10 minutes, following Bytemark’s user manual. It’s been in place for a week now and works fine. I can’t get an Extended Validation (EV) certificate which shows the green bar in web browsers, as I’m not a company – individuals have to go for the more bog standard certificates.

Right now SSL is there as an option if you want to use it, but it isn’t the default. I may change my mind and make the site HTTPS-only, but this would require me to fix every link to every embedded image over 13 years of blog posts, and I’m not sure of the effect on my server’s load. That’s a project for another time.

One Comment

  1. rates your domain a ‘B’, dinging you for using RC4. Pretty good overall.