back to article Shamed TLS/SSL cert authority StartCom to shut up shop

Controversial certificate authority StartCom is going out of business. Startcom board chairman Xiaosheng Tan told The Register the business will close its doors on January 1, 2018, at which point new certificates will no longer be issued. CRL and OCSP service will continue for two years from then, when StartCom's three key …

  1. Stuart 22

    RIP and a big thank you from me.

    Great while they lasted. At least the laid the path that led to Letsencrypt. Except I sometimes miss the hassle of navigating their authentication system.

    I wonder if it was mere coincidence that Google et al laid off them until free Letsencrypt was up and running. Otherwise many of us with SSL sites would have been held hostage by the rapacious CAs if it had been killed off earlier.

    1. Anonymous Coward
      Anonymous Coward

      "At least the laid the path that led to Letsencrypt."

      Who only issue 90 day certs and who's tools don't work the on 50% of websites that run IIS.

      At least they are free though.

      1. Anonymous Coward
        Anonymous Coward

        RE: "Who only issue 90 day certs and who's tools don't work the on 50% of websites that run IIS."

        What's the problem with a 90 day validity time? Let's Encrypt renewals are automated, you could renew daily if you wanted. The extremely long 90 day period is partly to reduce server load and partly to allow for intermittent failures in the renewal process.

        When you say that the tools don't work on 50% of IIS websites... It would appear that there are automated interactive tools for IIS, as well as the same choice of command line options as a linux system. What is the problem?

        1. Anonymous Coward
          Anonymous Coward

          RE: "Who only issue 90 day certs and who's tools don't work the on 50% of websites that run IIS."

          "When you say that the tools don't work on 50% of IIS websites.."

          No, I said that they don't work on the 50% of all websites that run IIS. As per Netcraft...

          ". It would appear that there are automated interactive tools for IIS,"

          It would also appear that those tools are from third parties only and many are chargeable!

    2. Anonymous Coward
      Anonymous Coward

      Yep, they should have a beer! Whilst a pain and not well supported, it met my needs.

      I've since moved on.. I did try letsencrypt, but having to renew so frequently is a pain, especially when I can't automate it (it's for my home lab firewall). But I did manage to find a comodo SSL which cost about $10 a year, so I brought a 3 year one..

  2. Anonymous Coward
    Anonymous Coward

    Used them too. Was a little bit nervous about sending ID to an Israeli company, though. Always wondered if a forged passport in my name would turn up on a dead Palestinian somewhere or other...

    1. Anonymous Coward
      Anonymous Coward

      "Always wondered if a forged passport in my name would turn up on a dead Palestinian "

      Surely "on an Israeli assassin" ?

  3. JWLong

    Or possibly on both!

  4. keithzg

    While it's true that StartSSL was basically supplanted entirely by LetsEncrypt, whereabouts now might one get a non-outrageously-expensive cert for signing Windows executables?

    1. TheVogon Silver badge

      "whereabouts now might one get a non-outrageously-expensive cert for signing Windows executables?"

      See https://cheapsslsecurity.co.uk/comodo/codesigningcertificate.html

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019