Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> on a $800 certificate that doesn't do anything a $8 certificate can't do

Unless you need *.domain.tld certificates.



You can get unlimited *.domain.tld certificates from StartSSL after inexpensive verfication step. But don't tell anyone.


AFAIK those are $60, not free.


Why does it have to be free?

Domains are not free. Servers are not free. Bandwidth is not free. Time spent confirming a domain's ownership is not free. Would you rather get free certificates from a CA whose website is littered with gaudy ads?


> Why does it have to be free?

Because that's what we were talking about: free certificates from StartSSL (or $8 from Comodo) which did everything that $800 certificates do.

I just meant to refute it.


That's payment for green icon in the address bar, nothing more. Monopolized market of green icons.


The $60 were meant with the inexpensive verification step. Then the number of wildcard certificates is not limited.


You pay that fee, and then can generate unlimited wildcard certificates for a year.


Which is > $8... and specially > free.

You can get a free Lamborghini for an inexpensive $400,000 one-time fee!


If you have >7 domains and want wildcard certificates, it is the cheapest option.

Edit: also, if I can get an unlimited number of Lamborghinis for just 400k, where do I sign up??


> If you have >7 domains and want wildcard certificates, it is the cheapest option.

Thanks for the info but I just tried to refute the fact that free/$8 certificates do the same as $800, which they clearly don't.

Don't get me wrong: it's great! But completely irrelevant for the argument.

> if I can get an unlimited number of Lamborghinis for just 400k, where do I sign up??

You only get a single certificate for $60, not an unlimited number of them.

EDIT: see child comment, I'm wrong and you do get unlimited certificates.


You are wrong. At StartSSL, you can get an unlimited number once they validated your person, which costs 60$. That validation lasts for a year. During that year you can generate as many wildcard certificates as you want.

See https://www.startssl.com/?app=25#27

"The fees for Class 2 (60$) and higher are applied to the verification and not for the certificate(s), i.e. you pay for the validations we perform. Once validated there is no limit placed on the amount of certificates one can receive (This depends on other limitations such as uniqueness of the subject line for example)."

Edit: They cover exactly their costs. The cost is at validating your persona (they call you, you fax them scans of your passport/drivers license/etc, they need to check that etc.). Issuing a certificate is fully automatic so there are no costs associated with that, so they don't charge for that.


But why do wildcard certificates need more validation in the first place?


Thanks! That's good to know! (But irrelevant to the discussion anyways.) Edited the info in the parent comment for further readers.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: