[zackboe]

He states "We invented the 90 day free ssl. Why are they copying our business model of 90 day free ssl is the question! Comodo has provided and built a Free SSL model that give SSL for free for 90 days since 2007!"

I was curious because I had never heard of anyone providing free SSL other than StartSSL before Let's Encrypt (and Amazon).

It's a trial. No free renewals, manual or automatic.

"Free SSL certificates are valid for 90 days and are limited to one issuance per domain."

https://www.comodo.com/e-commerce/ssl-certificates/free-ssl-...

[eeeeeeeeeeeee]

He's either being disingenuous or he's terribly misinformed about how things work. Either one is unacceptable for the CEO of a major certificate provider.

Also, I feel even better about dropping ALL of my Comodo certs and switching to Lets Encrypt. I can't wait to never have to go to the Comodo website again.

[jsmeaton]

> He's either being disingenuous or he's terribly misinformed

He's trying to register the Lets Encrypt trademark and deflecting with "but they didn't so we can". I don't think there's a question of being disingenuous.

[taf2]

this/hacker news is a Comodo SSL website...

[viraptor]

Can you already use let's encrypt with cloudflare? (HN uses it for protection)

[pfg]

You can use any custom certificate, but you'll need the Business ($200/month) plan.

[viraptor]

To be more precise, I meant "is there a way to automatically manage CF certificate from LE". There are many ways to manage local certs (or update things by hand), but if you can't automatically update the CF one, it's going to be a bit of a problem.

[pfg]

Looks like CloudFlare has an API endpoint for certificate management[1], so this should be possible, though I haven't seen any tooling for this specifically.

[1]: https://api.cloudflare.com/#custom-ssl-for-a-zone-properties

[blitzd]

It's definitely doable, I ran across some examples [1] while looking for an automated process for renewing within docker.

[1]: https://github.com/AnalogJ/lexicon

[craigvn]

90 day free ssl is not really the same as free forever. It is really just a free trial which they didn't invent.

[pfg]

WoSign offers free certificates as well.

[zackboe]

Ah, you're right. I vaguely thought I was missing someone else.

[simbalion]

There's a few free SSL providers, not including the various shared hosting services which offer free SSL.

Let's Encrypt is significant because their certificate is "trusted" in all browsers. The free SSL CAs that I'm familiar with are not "trusted" in any browsers.

[pfg]

WoSign and StartCom are actually included in all major root programs.