Free SSL/TLS Certificate Authority

I know about startssl, but the thing that makes letsencrypt.org interesting, is the automated certificate management. No more manually having to install certs and forgetting to renew them is a thing of the past. It will make it trivial to use https on your website.
 
While SSL cert is getting cheaper (it used to cost several hundred dollars each year from big name providers), do we trust our sites on a company that provides free ssl?
What's the catch?
 
Andy.N said:
While SSL cert is getting cheaper (it used to cost several hundred dollars each year from big name providers), do we trust our sites on a company that provides free ssl?
What's the catch?
Click to expand...

Part of the cost of getting a certificate now or in the past is the fact that you are basically purchasing liability insurance with it. Which is generally required or desired for store fronts etc. Beyond that its just maintenance and for a small forum who just wants https the certs really shouldnt be more than a couple bucks to keep the authority maintained properly. But there is the whole trust issue still.
 
Tracy Perry said:
https://news.ycombinator.com/item?id=8982013

Interesting little discourse about that site... issuing in SHA1 (outmoded)
Click to expand...
old news they have sha256 now
Code: 
Session Tickets RFC 5077     86400 seconds
Server key size              2048 bit
Signature Algorithm          SHA256 with RSA
Fingerprint / Serial         SHA1 E737D0911D60FFAD925DC4B07FC9A330E91D2C32 / 1188F371489C6D91CD380851FB274515
                              SHA256 5877AB22697AED02B30357FFBBF9AA53239E1934C565288591865991D5C8D19C
Common Name (CN)             mydomain2.com (CN response to request w/o SNI: mydomain2.com)
subjectAltName (SAN)         mydomain2.com www.mydomain2.com mydomain.com
Issuer                       WoSign CA Free SSL Certificate G2 (WoSign CA Limited from CN)
Certificate Expiration       >= 60 days (2015-03-24 23:54 --> 2018-03-25 00:54 +0000)
# of certificates provided   3
Certificate Revocation List  http://crls6.wosign.com/ca6-server1-free.crl
OCSP URI                     http://ocsp6.wosign.com/ca6/server1/free
OCSP stapling                OCSP stapling offered
 
Tracy Perry said:
https://news.ycombinator.com/item?id=8982013

Interesting little discourse about that site... issuing in SHA1 (outmoded)
Click to expand...
If you visit their page:
upload_2015-6-25_12-11-25.webp
 
RoldanLT said:
It includes everything you want, unlimited domains :).
Click to expand...
I'm little confused, they just responded to me and this what it looks like:

Your order details:
Certificate Name: Free SSL Certificate
Certificate Type: SSL Certificate
Period: 3 year(Expiry Date:2018-07-12 05:07:47)
Domain in Subject: test.com,www.test.com
Click to expand...

By domain "Domain in Subject" they included the main domain only or it's full domain certificate?
 

Similar threads

M
Expand your Youtube tutorial series and docs to cover more of the basic setup and features
2
Replies
26
Views
2K
TPerry
TPerry
digitalpoint
Cloudflare optimizations for XenForo
7 8 9
Replies
175
Views
17K
digitalpoint
digitalpoint
S
Add-on Which event manger/calendar for my needs?
Replies
16
Views
1K
FTL
FTL
R
XF 2.2 About the quality of search results?
Replies
18
Views
1K
Wildcat Media
Wildcat Media
A
Extremely annoying member
2 3
Replies
58
Views
4K
Suzanne O
Suzanne O
Top Bottom