Hacker News new | comments | show | ask | jobs | submit login

Note that these free certificates are considered non-commercial-use only.

"The "StartCom Certificate Policy & Practice Statements" document ยง3.1.2.1 is explicit that the Class 1 (free) certificates are for non-commercial uses only.[3] The previous version of the CPS did not include this restriction.[4]"

You can, however, pay $60 for a personal validation (and potentially an extra $60 for company validation) to use the certs commercially. Actually, this validation lets you generate any number of SSL certificates for sites you own, for two years. This also includes wildcard certs, which you pay through the nose for from everyone else.

These guys are so much cheaper than the rest of the SSL vendors it's not funny. I've got my wildcard StartSSL certificate up on codano.com, and I've generated a few more for internal use. The validation literally took about two hours from start to finish, and most of that was just waiting for an email response/validation phone call and me scanning my passport and business documentation.

Can't recommend them enough.




Is a wildcard cert for subdomains, e.g. https://*.example.com? And it's $60 altogether for any domain I control?

Good info. Thanks!


Yep. And you can put multiple DNS entries on a single cert - check out my certificate on codano.com: it has "codano.com, "* .codano.com, "angrywizard.com" and "* .angrywizard.com", all on the same cert. The cert was free after paying $120 for personal/corporate verification.

Note that they will confirm that you are the owner of domains you try to request certs for.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: