Home > Network > SSL > startssl | About

Because up until recently, it's for personal, non-commercial use only. If you intend to use it for your company you must purchase a class 2 certificate. You can read about it on the Wayback machine archive of April 2016, section 3.2.1 Classes of digital X.509 Certificate (this restriction doesn't apply anymore as of today Aug 31st 2016).

Besides, from wikipedia

StartCom's policy is to charge $25 for each revoked certificate, and it refused to waive this fee in lieu of certificates compromised due to Heartbleed, though some paying customers were granted a single free revocation.This caused many to doubt StartCom's status as a certificate authority.When provided with proof of a compromised certificate, StartCom refused to revoke the certificate for free, providing trust even after StartCom had learned that the certificate had been compromised.

Customers have reported with StartSSL infrastructure, a certificate must be revoked before a new certificate can be generated, and as StartSSL does not state how long it takes to revoke and reissue a certificate, a site can be inaccessible securely for an undetermined amount of time, with one customer reporting about 5 hours of downtime.


contact : @ychaouche yacinechaouche at yahoocom


QR Code
QR Code startssl (generated for current page)