If all of that work to use StartSSL is not worth your time, certs from “real” CAs can be had for 5 bucks a year. I recently switched a few of my free StartSSL certs to paid ones because I could register them for 5 years at a time (for $25) and wouldn’t have to deal with renewing and installing new certs every year.
StartSSL’s OCSP servers were DDoSed last year causing browser hangs for anyone visiting a site using a StartSSL cert. While it could certainly happen to any CA, StartSSL offering free certs to possibly-less-than-legit sites might make them more of a target for idiots that engage in these types of attacks.
If all of that work to use StartSSL is not worth your time, certs from “real” CAs can be had for 5 bucks a year. I recently switched a few of my free StartSSL certs to paid ones because I could register them for 5 years at a time (for $25) and wouldn’t have to deal with renewing and installing new certs every year.
StartSSL’s OCSP servers were DDoSed last year causing browser hangs for anyone visiting a site using a StartSSL cert. While it could certainly happen to any CA, StartSSL offering free certs to possibly-less-than-legit sites might make them more of a target for idiots that engage in these types of attacks.
Kind of related: gandi.net offer the first year of SSL free on domain purchases (and transfers in..)