Server Certificate FAQs
- Enable encrypted data transfer for users accessing HTTPS, or other SSL enabled services on your server
- Authenticate your server to Clients accessing those servers.
CAcert only issues certificates for publicly registered DNS domains, it's not possible to get certificates for IP adresses or internal domains (like xxx.local, read FAQ/NoDomainName for further explanations).
You must be able to confirm that you are the owner (or authorized administrator) of the domain by responding to a 'ping' email sent to either the email address listed in the whois record, or one of the RFC-mandatory addresses (hostmaster/postmaster/etc). Please see FAQ/DomainOwner
- Certificates expires in 6 months for unassured accounts; 24 months for assured accounts.
Only the domain name itself can be entered into the certificates (not your full name, company name, location, etc.). To get more information into the certificate you may consider an OrganisationAssurance.
Server Certificates - Secure your Web Server, VPN, etc.,
HowTo - How do I get a server cert?
DomainManagement - How to add and remove domains for which you want to request certificates
WebServers - their use and configuration.
MicrosoftServer - All things related to SSL and running Microsoft Services
MailTransfer Agents (MTA's) (incl. Postfix, Dovecot, and others)
FTP-Server vsftpd as example
VhostTaskForce - How can I secure multiple VHosts on the same server?
openVPN - Build a tunnel with CAcert certificates