I remember using a StartSSL certificate. It wasn't linked to an account or anything sane, but instead installed a certificate in the browser which it used in place of login details. I happened to do this on my phone, which did not offer any way to access or export this certificate. When that phone died, my account was lost.
I'd warn against using anything from StartSSL, but I don't think anyone is going to in the first place.
As someone who is an actual StartSSL customer and not just someone who got confused by the login process and gave up, I think StartSSL is great. I haven't found cheaper identity validation elsewhere, and you can pump out unlimited certificates once you're validated. Using client certificates to log into the site is annoying, but it's fine once you figure out how it works. The problem you describe with losing your cert is not a problem: you can regenerate the login certificate using the "Lost authentication certificate?" link. I have done so and confirm that it works and that you don't need the old certificate to generate a new one. It is tied to a persistent account (contrary to what you claim in your post), so you lose nothing, and had you used an actual computer you could have backed up the certificate.
I can't claim to remember all the details (this was several years ago before I started at uni), but I'm certain I attempted to find an option like this and didn't. It may have been added in the interim or I might have simply been too inexperienced.
I've done that several times in the past, never had to contact support. Just go through as a new user. It means you have to revalidate your domain ownership but that's not much of a hassle.
That's not true. I regenerated several login certificates before I finally actually figured out how to install the certificate in my browser. You are not screwed if you lose your login certificate. As long as you have access to the email address, you're fine. Use the "Lost authentication certificate?" link on the login page.
Before everyone trashes them, know that for a long time (years before LetsEncrypt) they were the only source for free SSL certs. Their site is a bit wonkey, but they really brought ssl to the masses when verisign etc were charging $100+ per cert.
More competition to make free ssl easier and better is welcome in my book.
This electronic mail message was created by StartCom's Administration Personnel:
StartCom, a leading global Certificate Authority (CA) and provider of trusted identity and authentication services, announces a new service – StartEncrypt today, an automatic SSL certificate issuance and installation software for your web server.
StartEncrypt is based the StartAPI system to let you get SSL certificate and install the SSL certificate in your web server for free and automatically, no any coding, just one click to install it in your server.
Compare with Let’s Encrypt, StartEncrypt support Windows and Linux server for most popular web server software, and have many incomparable advantages as:
(1) Not just get the SSL certificate automatically, but install it automatically;
(2) Not just Encrypted, but also identity validated to display EV Green Bar and OV organization name in the certificate;
(3) Not just 90 days period certificate, but up to 39 months, more than 1180 days;
(4) Not just low assurance DV SSL certificate, but also high assurance OV SSL certificate and green bar EV SSL certificate;
(5) Not just for one domain, but up to 120 domains with wildcard support;
(6) All OV SSL certificate and EV SSL certificate are free, just make sure your StartSSL account is verified as Class 3 or Class 4 identity.
StartEncrypt together with StartSSL to let your website start to https without any pain, to let your website keep green bar that give more confident to your online customer and bring to online revenue to you. Let’s start to encrypt now.
Please do not reply to this email. This is an unmonitored email address, and replies to this email cannot be responded to or read.
If you have any question or comments, just click Here ((https://startssl.com/reply) to send your question to us, thanks.
I was trying to recover my login certificate, which I think was in a copy of Firefox somewhere. They were happy to send me a verification code to my email, then asked for my private key password for the replacement cert. I, of course, asked 1Password to generate one for me, but because it had symbols in it, I received the dreaded password validation error:
> *Password length 10~32 , consist of letters, numbers
I registered an EV certificate. Your organisation needs to be registered, for example at the Commercial Registry Office Zurich, and a lawyer registered at a bar (in our case at the Obergericht Zürich) who signs a legal opinion of your organisation's existence. You have to sign a declaration that you are a representative of the organisation and accept the terms of service of StartSSL.
The costs were, as far as I remember, $59 for the personal certification then $149 for EV.
Posted on the previous HN post, uses chkconfig in the install script so basically RHEL flavours only despite saying x64 - couldn't be bothered after that
StartAPI is the API, StartSSL offers a client - similar to LetsEncrypt which was the point of this submission. My point was that it billed itself as distro neutral - but failed.
I'd warn against using anything from StartSSL, but I don't think anyone is going to in the first place.