i'd stay away from startssl/startcom/wosign - nice read of their issues and potential future issues https://community.centminmod.com/threads/wosign-ssl-cert-trainwreck.8520/
Would you please elaborate on why does it sound "very fishy" sir? Is it the same reason why some people think/feel that the free services and free software are "very fishy"? I am sure some people agree that a free web browser, a free version control system, and a free operating system all sound "very fishy" and so are Free SSL/TLS Certificates issued by Let's Encrypt which says, "Let’s Encrypt is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG)."Free SSL certificates sounds very fishy.
It costs money to generate certificates and run servers. "Free" web/image/whatever hosting companies make money from advertising, but it does not apply to SSL certs. You can't embed ad in certificate. So they don't make money. No money -> no servers -> no service.Would you please elaborate on why does it sound "very fishy" sir?
Obviously, there is a reason why certificate authority services cost money, but that is true for ever space where free and paid services compete. Being paid doesn't necessarily make a service more reliable and being free doesn't make a service more fishy. For example, a paid service may go out of business because of the growing competition where profits become marginal.It costs money to generate certificates and run servers. "Free" web/image/whatever hosting companies make money from advertising, but it does not apply to SSL certs. You can't embed ad in certificate. So they don't make money. No money -> no servers -> no service.
SSL certificates service must be reliable. If its not, its fishy and not trustworthy. If you use their service and something happens to their servers, your visitors (including search engines) will experience issues verifying certificate. That might tank your site's traffic and search engine standings.
Its not worth it. Better pay $9/year for Comodo certificate or not use SSL at all.
That thing is such a scam. I was a paid member of it for a while and their website was broken so I couldn't get my fancy @linux.com email address. Their contact forms were broken, the webmaster email had no response and there was no way to make contact with them, not even on the email with payment. Oh well, I consider it a charitable donation.Linux Foundation
https://www.scmagazine.com/google-removes-trust-for-certs-issued-by-wosign-and-startcom/article/570307/Hmm, had them for 2 years. Still working so far. Why would they not trust them I wonder?