New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Free 1 year Wildcard SSL
Tried this and it issued me a 1 year sectigo wildcard cert. Any idea how they offer it for free?
Comments
people still buy ssl?
Some sort of partnership, but I doubt it's costing them much. They're likely doing this to get more 'customers'.
I remember Namecheap had promotions (Black Friday?) for wildcard certificates via Comodo's PositiveSSL (which I guess is specifically branded under Sectigo now) for something like $20 per year, even years ago (2017).
I suppose buying for a year at a time is useful to some people still, but personally I just use Let's Encrypt's wildcard certificates. With automated renewals it's easy.
PositiveSSL Wildcard was never that cheap, the cheapest was around $45 USD per year.
Edit: I missed that BF part
$20 USD for BF sales is totally ok.
It's FREE from the 1st post
And yes, for best compatible, paid SSL would be a better choice.
It definitely was:
never paid for an ssl cert, and never will
just happened to see this and tried it out
It's Black Friday sales, not normal price.
Just like this time you can get it for totally Free.
Edit: I missed that BF part
$20 USD for BF sales is totally ok.
I wonder what I would do if all free SSL providers deadpool at the same time.
I set my HSTS for one month only, specifically for this scenario.
You find surprising how they offer an immaterial sequence of bytes, which they can produce as much as they want, for free?
Not to mention Let's Encrypt does the same, and I'm not sure it's worth it to reconfigure my servers to take advantage of this one. At least if this was 3 years.
yeah, but i dont think they are a CA. they are just a reseller it seems
Yes. Like I literally mentioned in my original reply.
I guess reading within context is hard for some people...
Yes, I missed that BF part
$20 USD for BF sales is totally ok.
Seriously? Look at Registrars, they offer SSL for cash, many clients buy it. I estimate (don't ask how I do that) that SSLs will still be bought for another 3 years.
there are always people who dont know about free alternatives or are using shitty shared hosting without lets encrypt
Exactly!
welp, that didnt last long
For our private "me, my wife and kids and our dog" site letsencrypt usually is good enough, particularly when considering that the main reason we need a certificate in the first place is stupidity, vanity, or peer group pressure, and I use it myself for "pro forma" sakkurity neither I nor my visitors really need anyway.
For more serious stuff though and particularly for clients I always buy (or suggest to buy) a certificate. One major reason being that the legal situation between me and letsencrypt is in between ridiculous and non-existent and non-enforcable anyway, while between me and a commercial cert provider there is a legal basis, I do have rights, I can expect them to meet some standards and I can hold them liable.
And I'm not alone ...
Amazon: DigiCert
Google: their own
Walmart: Globalsign
Dell: DigiCert
CitiBank: DigiCert
OVH: Sectigo (Comodo)
Hetzner: DigiCert
Toyota: Amazon
Side note: for private stuff I don't care but for professional and business use I do not even consider offers from providers with a letsencrypt cert. Simple reason: why should I value their operation higher than themselves; not deeming their business worth $20 or $50 per year for a cert is a clear statement.
Why use something that's free for one year when Let's Encrypt is free indefinitely? The regular pricing is ridiculous too ($249 per year?? Even DigiCert is slightly cheaper than that.)
I'm using Let's Encrypt wildcard certs on my servers and they're working well.
If a shared hosting service doesn't provide free SSL (either via Let's Encrypt or an equivalent service) in 2021, they're really not worth using.
I ordered September 24 but cert wasn't issued because I overlooked changing the CAA of the domain name, I wonder if they will still honor it.
Ough. Didnt get one.
Anyone know where to buy something real cheap, like that $20/yr paid yearly (not 5 years) for a wildcard cert?
Not sure of any that are that cheap (other than Let's Encrypt for $0/year), but you should be able to find AlphaSSL or PositiveSSL wildcard via a reseller for $35-$50/year.
Lets Encrypt is cool and all, I use it myself on everything right now. But with the issue with the recent expiration of DST Root CA X3, I dunno if I should just buy a cheap one instead.
People have had six months to plan for that! This is why you have to enter an email address for the account. They created a forum thread on May 5th, and sent every registered user an email around May 12th:
Apparently I used a different email address per server, so I was well aware of it (and which made my regret my decision to do that):
Oh darn, I just ignore most of the emails from letsencrypt because a lot of them were for the 90 day expiration.
Now that you mentioned it, I searched my email and found it.
Set up a client that auto-renews the certs (like Certbot or acme.sh), then you won't get the expiration emails
I think I paid about $5 at gogetssl for a 1 year (non wildcard) Sectigo (Comodo) certificate. Iirc wildcards are abot $45 to $50/year.
Update: They honored it and I got my free wildcard SSL.
I didn't get that email.
Whatever, for many it also needs to be easy and acme is well known for being occasionally troublesome.
(No, I'm not generally against letsencrypt. What I'm against is to declare those who prefer a paid for cert (for whatever reason) cert as idiots (which afaik you did not)).