New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Have you contacted the provider?
Probably singlehop or similar certs that are only permitted for use on their network. Bad luck, reverse paypal.
Yes, I just opened a ticket, and am still awaiting answer.
Could this explain why they have been out of stock?
Yup, just saw they increased the price a bit, and now out of stock.
Yeah I got a wildcard cert for free from a member here on LET, I believe he obtains these from the same source as HostMyBytes and other cheap sellers, and just checked, mine is revoked too.
Seems like SingleHop started to crack down on these cheap wildcard resellers, if you bought an AlphaSSL wildcard cert for $3-$10, time to check your domain at https://www.ssllabs.com/ssltest/
If you find yours revoked, a quick solution (without paying $40+) is to switch to WoSign, up to 10 domains for free, at least in case if you can get by with 10 domains instead of wildcard.
https://www.ohling.org/blog/2015/02/wosign-free-2y-ssl-certificate.html
@elgs - Yup, my Host My Bites issued certs are revoked as well. @HostMyBytes
Can we complain? Or have to accept?
You can always complain, this is LET.
Seriously though, you should ask for a refund from the company who sold you the cert. If they refuse, then open Paypal dispute if it's not too late.
@rm_ thanks for recommending WoSign. However, I still need some wildcard certs, for two reasons:
1. I have a lot of machine to deploy, 10 is not enough, also deploying different certs and keys is too troublesome;
2. Honestly, I don't trust a Chinese provider;
So do you have any other recommendation for a more proper provider? I used to buy from SSLS, their cheapest is around $80 per year.
Yes thanks I will. But now refund is not the primary thing right now, anyway it's very cheap. The thing right now is I need to replace those revoked certs from a new and reliable provider.
I bought a cert as it was $5 and thought, why not. It got revoked yesterday by the CA so I made a support ticket, they claimed to have no idea what was going on and even posted a fake SSL Labs screenshot in the ticket for a test which would have showed the certificate was revoked. So their support is lying to customers.
They offered a refund or a reissue from another vendor, I asked for a reissue and was then told that the price would now be $50 as they could not get them for $5 anymore. And asked for a $45 payment to reissue it.
It's pretty clear what's going on at this point. Just tried to reply to the ticket, but their WHMCS SSL certificate is... you guessed it, revoked as well.
I'd avoid this provider. Hope they'll issue a refund.
Wondering if their reselling and our buying these cheap certs are totally legit. If they are, then should revoking our certs be considered not legit?
I believe that those are singlehop certificates and singlehop is cracking down on resellers with mass revocation.
The next cheapest option all around is getting verified to Class 2 at StartSSL http://www.startssl.com/ (costs $60 one time), then for a duration of 1 year you can issue any number of wildcard certs for any domains that you own for free, and the certs will be valid for 2 years.
Mine still work fine, it wasn't from HostMyByte however.
That test may flap back and forth between revoked/not revoked if it happened just days ago, so there is a possibility they are not lying on purpose.
Bought three certs from hmb. The two first I got through their support and appears to still be valid. The third was emailed directly to me from Globalsign CC Singleshop and that one seems to be revoked
Ran the test a few times right there and then, SSL Labs caches the results. Gave them the link and the support rep claimed the same link was showing the results as not revoked. I did ask a friend to check it and he got the same results as me.
There's no way in hell SSL Labs was showing it as not revoked. In the screenshot they posted, the top part of it showing the certificate host was conveniently left out, could have been from any valid test.
Thanks, $60 for 2 years seems to be not bad.
Any revoked certificates are eligible for a full refund. You will just need to contact us via the customer portal and we'll take care of it.
Refund? I think you should actually reissue them as a responsible provider.
I would advise next time against selling dodgy services.
Are you centriohost?
You can start with refunding yourself then...
I already got all refund. Probably this is out of their control. Not sure whether hostmybytes should sue their providers.
AFAIK, they are selling something that's not intended for selling. SingleHop provide those certs to their clients (and the clients of the clients) for free to be used on SH's network ONLY but HMB are selling them for a profit and allowing them to be used elsewhere.
Thanks, we are glad to that things are better now.
If there's anything that anyone needs, please let us know. We're happy to throw in a free hosting account to anyone affected by this.
We have also fixed our own client area at this point in time.
haha, sue SH for abusing SHs Infra? If any SH should sue them, not the other way...
Hmmm I've got a cert I paid for but I haven't used. Wonder if i'll be affected by this. Also HostMyBytes...
SH*