ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Least expensive wildcard cert?

    Scheduled Pinned Locked Moved IT Discussion
    35 Posts 12 Posters 4.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JaredBuschJ
      JaredBusch
      last edited by

      StartCom is actually most likely still a decent service, but they were bought by WoSign who got in trouble for something or another. I do not recall the details of that.

      Because a CA has to be completely trustworthy, and the WoSign purchase was secret, boom no more StartCom certs.

      0_1486088870550_upload-e9001564-7d41-4461-a6b3-4e6ba9751a90

      1 Reply Last reply Reply Quote 1
      • FATeknollogeeF
        FATeknollogee
        last edited by FATeknollogee

        They got caught backdating certs & doing some other funky stuff.
        https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/
        https://www.theregister.co.uk/2016/10/10/heads_roll_as_qihoo_360_moves_to_end_wosign_startcom_certificate_row/

        JaredBuschJ 1 Reply Last reply Reply Quote 0
        • JaredBuschJ
          JaredBusch @FATeknollogee
          last edited by

          @FATeknollogee said in Least expensive wildcard cert?:

          They got caught backdating certs & doing some other funky stuff.
          https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/
          https://www.theregister.co.uk/2016/10/10/heads_roll_as_qihoo_360_moves_to_end_wosign_startcom_certificate_row/

          To my understanding, it was WoSign that did this stuff, not StartCom. WoSign then secretly bought StartCom. That is the part that killed StartCom.

          1 Reply Last reply Reply Quote 1
          • FATeknollogeeF
            FATeknollogee
            last edited by

            ^ Yes, that is correct, not StartCom ^

            Question is will StartCom (+ WoSign) ever recover since they have not yet claimed that they are dead or out of business!

            scottalanmillerS 1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller @FATeknollogee
              last edited by

              @FATeknollogee said in Least expensive wildcard cert?:

              ^ Yes, that is correct, not StartCom ^

              Question is will StartCom (+ WoSign) ever recover since they have not yet claimed that they are dead or out of business!

              Lenovo is doing well selling to people who can't remember the biggest news in IT security ever, even thought it is recent, and that is far worse. So I imagine that the average shop will just ignore the security problems here and keep giving them money.

              FATeknollogeeF 1 Reply Last reply Reply Quote 0
              • dafyreD
                dafyre
                last edited by

                I was looking at a cell phone the other day and saw Lenovo. I closed the page and washed my eyes out with soapy water.

                1 Reply Last reply Reply Quote 0
                • FATeknollogeeF
                  FATeknollogee @scottalanmiller
                  last edited by

                  @scottalanmiller said in Least expensive wildcard cert?:

                  Lenovo is doing well selling to people who can't remember the biggest news in IT security ever, even thought it is recent, and that is far worse. So I imagine that the average shop will just ignore the security problems here and keep giving them money.

                  True, but the browser folks (Mozilla, Google, Apple & Msft) will have more influence on whether or not they stay alive.
                  What can they do if no browser's will trust their certs?

                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @FATeknollogee
                    last edited by

                    @FATeknollogee said in Least expensive wildcard cert?:

                    @scottalanmiller said in Least expensive wildcard cert?:

                    Lenovo is doing well selling to people who can't remember the biggest news in IT security ever, even thought it is recent, and that is far worse. So I imagine that the average shop will just ignore the security problems here and keep giving them money.

                    True, but the browser folks (Mozilla, Google, Apple & Msft) will have more influence on whether or not they stay alive.
                    What can they do if no browser's will trust their certs?

                    Maybe, we will see.

                    JaredBuschJ 1 Reply Last reply Reply Quote 0
                    • JaredBuschJ
                      JaredBusch @scottalanmiller
                      last edited by JaredBusch

                      @scottalanmiller said in Least expensive wildcard cert?:

                      @FATeknollogee said in Least expensive wildcard cert?:

                      @scottalanmiller said in Least expensive wildcard cert?:

                      Lenovo is doing well selling to people who can't remember the biggest news in IT security ever, even thought it is recent, and that is far worse. So I imagine that the average shop will just ignore the security problems here and keep giving them money.

                      True, but the browser folks (Mozilla, Google, Apple & Msft) will have more influence on whether or not they stay alive.
                      What can they do if no browser's will trust their certs?

                      Maybe, we will see.

                      Only 2 browsers are not trusting them right now though. Here is the image I posted above.
                      2wp70E6.png

                      IRJI 1 Reply Last reply Reply Quote 0
                      • K
                        Kait
                        last edited by

                        Take a look at https://www.cheapsslshop.com/wildcard-ssl-certificates

                        I have very good experience with them.

                        1 Reply Last reply Reply Quote 1
                        • H
                          henriette
                          last edited by henriette

                          Not recently but before some year purchased from one reputed ssl provider clickssl. 10 out of 10 for their customer support.

                          1 Reply Last reply Reply Quote 1
                          • IRJI
                            IRJ @JaredBusch
                            last edited by

                            @JaredBusch said in Least expensive wildcard cert?:

                            @scottalanmiller said in Least expensive wildcard cert?:

                            @FATeknollogee said in Least expensive wildcard cert?:

                            @scottalanmiller said in Least expensive wildcard cert?:

                            Lenovo is doing well selling to people who can't remember the biggest news in IT security ever, even thought it is recent, and that is far worse. So I imagine that the average shop will just ignore the security problems here and keep giving them money.

                            True, but the browser folks (Mozilla, Google, Apple & Msft) will have more influence on whether or not they stay alive.
                            What can they do if no browser's will trust their certs?

                            Maybe, we will see.

                            Only 2 browsers are not trusting them right now though. Here is the image I posted above.
                            2wp70E6.png

                            Thank God that they support Netscape Navigator....

                            1 Reply Last reply Reply Quote 3
                            • 1
                            • 2
                            • 1 / 2
                            • First post
                              Last post