
StartSSL starts LetsEncrypt competitor product - jakobbuis
https://www.startssl.com/StartEncrypt
======
stirner
I remember using a StartSSL certificate. It wasn't linked to an account or
anything sane, but instead installed a certificate in the browser which it
used in place of login details. I happened to do this on my phone, which did
not offer any way to access or export this certificate. When that phone died,
my account was lost.

I'd warn against using anything from StartSSL, but I don't think anyone is
going to in the first place.

~~~
electroly
As someone who is an actual StartSSL customer and not just someone who got
confused by the login process and gave up, I think StartSSL is great. I
haven't found cheaper identity validation elsewhere, and you can pump out
unlimited certificates once you're validated. Using client certificates to log
into the site is annoying, but it's fine once you figure out how it works. The
problem you describe with losing your cert is not a problem: you can
regenerate the login certificate using the "Lost authentication certificate?"
link. I have done so and confirm that it works and that you don't need the old
certificate to generate a new one. It _is_ tied to a persistent account
(contrary to what you claim in your post), so you lose nothing, and had you
used an actual computer you could have backed up the certificate.

~~~
stirner
I can't claim to remember all the details (this was several years ago before I
started at uni), but I'm certain I attempted to find an option like this and
didn't. It may have been added in the interim or I might have simply been too
inexperienced.

------
mrgreenfur
Before everyone trashes them, know that for a long time (years before
LetsEncrypt) they were the only source for free SSL certs. Their site is a bit
wonkey, but they really brought ssl to the masses when verisign etc were
charging $100+ per cert.

More competition to make free ssl easier and better is welcome in my book.

------
NKCSS
E-mail I've received from them:

Dear StartCom customers,

This electronic mail message was created by StartCom's Administration
Personnel:

StartCom, a leading global Certificate Authority (CA) and provider of trusted
identity and authentication services, announces a new service – StartEncrypt
today, an automatic SSL certificate issuance and installation software for
your web server.

StartEncrypt is based the StartAPI system to let you get SSL certificate and
install the SSL certificate in your web server for free and automatically, no
any coding, just one click to install it in your server.

Compare with Let’s Encrypt, StartEncrypt support Windows and Linux server for
most popular web server software, and have many incomparable advantages as:

(1) Not just get the SSL certificate automatically, but install it
automatically;

(2) Not just Encrypted, but also identity validated to display EV Green Bar
and OV organization name in the certificate;

(3) Not just 90 days period certificate, but up to 39 months, more than 1180
days;

(4) Not just low assurance DV SSL certificate, but also high assurance OV SSL
certificate and green bar EV SSL certificate;

(5) Not just for one domain, but up to 120 domains with wildcard support;

(6) All OV SSL certificate and EV SSL certificate are free, just make sure
your StartSSL account is verified as Class 3 or Class 4 identity.

StartEncrypt together with StartSSL to let your website start to https without
any pain, to let your website keep green bar that give more confident to your
online customer and bring to online revenue to you. Let’s start to encrypt
now.

Please do not reply to this email. This is an unmonitored email address, and
replies to this email cannot be responded to or read. If you have any question
or comments, just click Here
(([https://startssl.com/reply](https://startssl.com/reply)) to send your
question to us, thanks.

Best Regards StartCom™ Certification Authority

------
dibbsonline
StartSSL charging to revoke their free certs after heartbleed, won't forget
that.

------
mdaniel
I was trying to recover my login certificate, which I think was in a copy of
Firefox somewhere. They were happy to send me a verification code to my email,
then asked for my private key password for the replacement cert. I, of course,
asked 1Password to generate one for me, but because it had symbols in it, I
received the dreaded password validation error:

> *Password length 10~32 , consist of letters, numbers

Et tu, StartSSL?

------
sofaofthedamned
That's interesting in that it is an EV certificate.

Has anybody used this?

~~~
voycey
Posted on the previous HN post, uses chkconfig in the install script so
basically RHEL flavours only despite saying x64 - couldn't be bothered after
that

~~~
stonogo
Are you kidding? It's an API. They even provide a perl script which I've used
on OpenBSD and Raspbian.

~~~
voycey
StartAPI is the API, StartSSL offers a client - similar to LetsEncrypt which
was the point of this submission. My point was that it billed itself as distro
neutral - but failed.

------
th0br0
Their ... 'English' is just atrocious to read.

    
    
      Install and https enabled, no any coding, support Windows server and Linux server;
      DV SSL certificate that up to 5 domains with one year period;

~~~
brianjking
Ha. I also noticed this. Perhaps they speak Engrish.

~~~
asztal
StartCom is based in Israel as far as I know.

~~~
_nalply
They speak English.

