Page 1 of 1

Critical: bad ssl cert on

Posted: Wed May 18, 2016 5:28 pm
by gongobaz
I just wanted to check what you are writing on - and what I see is a bad ssl cert warning. The same is true for

This is not acceptable regarding the service you are offering. If I personally would consider to offer reselling your services then it would be of extraordinary importance that such fails will never happen.

Another problem with the cert is that it is a COMODO cert from 2014 - I do not know one single person in the crypto community who would still trust COMODO, they have been hacked multiple times and certificates issued by this company are absolutely not trustable. It is a warning signal of utter incompetence. It would be much better if you offered letsencrypt certs.

These are two very heavy points and I wonder how "crypto and security experts" can commit such incredible errors on their public website, as both are a fatal demonstration of incompetence. Of course your plus is that users are even more incompetent and trust cool hacker-style site designs more than ssl certs.

Please get valid certs for that subdomains, not joke certs by comodo, and also setup any kind of cert monitoring - it is obvious that you are not monitoring your ssl certs for these kind of errors, otherwise this could not happen. Also this creates some room for questions about your setup: if you are not monitoring for ssl cert errors on your website, what else are you not monitoring...

However, this must be resolved asap, please do it, thanks. Also it is kind of irritating that one random person coming to your website finds that problem after two minutes of surfing around. If you need more security competent people to help you, as you are clearly demonstrating, please publish job offers.

However, it is also an interesting case to see how you handle this and if you are standing behind your words and are really embracing outside critique.

Thanks and please fix it quick,
Random Visitor