Hacker News new | past | comments | ask | show | jobs | submit login

If I remember correctly there were some issues with StartSSL, but I don't have the details right now.



It's a TOS violation to use their free certificates in a commercial project.


They charge for certificate revocation, which became a bit of an issue during the Heartbleed massacre.


It is only an issue if you actually care about security. If all you want is a checkmark or the ability to show up in browser then that is more than good enough.


Their customer service is appalling, but you pay for what you get.

The original point was that requiring HTTPS would mean free-to-host HTTP services would go out of business as it was impossible to provide free HTTPS certificates, and in that sense, StartSSL proves them wrong.


Not if those free-to-host HTTP services are commercial entities; StartSSL's free certificates can't be used commercially per their terms of service.

And if StartSSL is the only option, then I'm sticking to HTTP. They're a nightmare to deal with even for non-commercial use, let alone commercial.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: