New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
The new StartCom SSL
Notice to all subscribers:
StartCom will launch the new secure system in April 10th, the new website URL is https://www.startcomca.com, please use the new website that it will issue the certificate from new StartCom Root CA. thanks.
Firefox 55.0a1 (2017-04-09) (64-bit) didn't trust https://www.startcomca.com/
But trusted on Chrome Version 55.0.2883.75 (64-bit)
Both on Linux
They use Camerfirma SSL
Oh my GOD https://www.ssllabs.com/ssltest/analyze.html?d=www.startcomca.com&hideResults=on
" This server's certificate chain is incomplete. Grade capped to B. "
Comments
Am I reading this right, (useless) EV certs for less than two bucks? What the actual fuck..
Lol. Aren't they out of browser trust lists for the next year?
That's US $ 199.90. Their new website, unusable right now. IDK what timezone their April 10th is. I'm already on Tue Apr 11 10:07:27
whaat? but half the fun of getting free SSL certificates was trying to figure out their clusterf*ck of a website...
Note that:
For other types of certificate, StartCom will still charge for the validation.
So it's not even $1.5/year, it's just entirely free, if you only want SSL certs (and not code signing or E-Mail certs).
As for the website, it works for me in Chromium 52, but not in Pale Moon.
not worked in chrome 57.0.2987.133 (64-bit)
NET::ERR_CERT_AUTHORITY_INVALID
After login
I asking few question via Live Chat, the EV SSL is only trusted by Microsoft
"At the moment they are trusted only with Microsoft products, that is why we are giving it for "free". We are working on the issue, but we will fix the problem in around two mouths."
"We are working on the issue, but we will fix the problem in around two mouths."
Translation: Prepare to swallow.
Weren't they the guys who gave free SSL but if you needed to reissue, it was an arm and a leg?
https://swissns.ch/site/lps/ssl/index.html
Can confirm. The site is going up and down, while displaying the wrong prices.
With LetsEncrypt, why would anyone bother with StarCom?
To save a few keystrokes, once upon a time. Nowadays doesn't seem worth it, haven't touched them in ages, don't plan to again.
Renewals are NEVER rate limited, read the docs: https://letsencrypt.org/docs/rate-limits/
And why would you need to revoke a certificate that you deleted? The point of revocation is to invalidate leaked certificate. With cert life spans of 3 months, it's not as big of a deal as it used to be anyway.
This is outright horseshit. I've requested almost 50 at a time from the same subnet over a handful of hosts. Post the logs.
I should split " I've 10 sites using Letsecnrypt some renewal hit and miss. (at least on my case)" with the first.
Why it's a big deal if cert expired in 1 year?
If this worked for 3 year cert then it'd be nice, but as it stands you might just as well go with assl.loovit.net
Just wondering if something outed from Europe right now instead Comodo or similar.
Does anyone know if subdomains can be added, besides www? Can't find any info on their website.
Is this a serious company? The website loovit.net is more than fishy, it's a nearly empty site not providing any piece of information...
It's being provided by a member in this forum.. he offers free standard/wildcard SSL certificates for members here.
Amazing! But are these certificates widely accepted? Which CA is behind them?
Yes it's widely accepted, it's a AlphaSSL cert the root CA is GlobalSign.
There also some discounted Polish SSL exist 10 PLN around $2/yr
https://az.pl/ssl/
Wildcard or single subdomain/domain?
wildcard = 60 zł
~15 USD
Apart from the "it might be revoked if outside the intended host use", is they any other reason not to?
LE takes about half the time to setup?
LE bundles your subdomains together on the cert, if I'm not mistaken. Which effectively means you can't have "private" subdomains with them. With a wildcard on the other hand...