Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Came here to say something like this. While the site is a bit of a pain, and the certs are free, make damn sure you have your site configured the way you want it before you generate the certificate.

It's $25 to revoke a cert, i.e. free up the name so you can use it again elsewhere. I used part of my domain name for an XMPP cert that I later wanted to use for a web subdomain with the same name.. nope. Stupid.



Why bother revoking? Get a new cert from someone else for 10$, ditch the old one, done.


you'd want to revoke it if someone steals your private key.


Given the way Startcom operates, that could become expensive quickly. Since your private key is your gateway into your account (Why they went with this method instead of requiring a sensible password is beyond me, it's one of the reasons their site is a huge pain...), theoretically every certificate you own is compromised, and therefore you'd be out $25 for each one.

..ouch!




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: