New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
What happened?
Message from ISSL:
Whatever it means, probably all those 5year wildcard SSLs have been revoked and will not work on most browsers except Chrome.
the deal was too good to be true, i knew it
The question is what will happen to all those who have paid using bitcoin or some another AliPay thing. I have paid using PayPal to ISSL and I feel secure at this time.
Another message from Neil from issl:
FYI.
Check your SSL certs.
I've bought mine from sslcertificate.cn (knewing that there's a risk that it might lead to trouble) via Bitcoin and it is now also revoked.
I have got cash back from ISSL so if somebody will have problem with certificate, should not be aware
if the cert still not use, any method can check if it was revoked?
If anyone would need PositiveSSL for Free, I may give some away (About 15-20 SSL's). You can message Me with your CSR, Make sure that, you have an admin email ([email protected]) opened and fully configured because the Verification would go there
While Generating CSR, Use the Email where you want the Final Certificate with Email.
Keep In Mind, I can't reissue them, so keep them safe along with Private Key which you generated for the SSL Issuance :-)
http://serverfault.com/questions/590504/how-do-i-check-if-my-ssl-certificates-have-been-revoked
@rm_ @Razza This will be single Domain SSL's and for 1 Year right Now.
Quick, Free, Working alternative:
http://lowendtalk.com/discussion/41289/free-chinese-2-year-ssl-certificate-dv-kuaissl-by-wosign-com#latest
Up to 100 Subdomains, order system works by now fine and even the chinese sent domain validation emails arrive quickly.
still good yet
You can test using https://www.ssllabs.com/ssltest/
I just wrote an email to @xoxo, let's see what he's going to reply (if at all). If someone needs a lot of certificates, use that site which William posted OR get Class 2 verified at Startcom, they're trustworthy.
This will be an epic loss ! But I have just checked few other websites which were using alphassl , they have had their revoked too and they didnt buy from @xoxo.
Could it be something else ? a revocation list being unreachable , etc ?
Seems true:
https://v2ex.com/t/167227
http://www.lowendtalk.com/discussion/comment/955320/#Comment_955320
and everyone will learn his lesson
A few time ago Ubisoft have blocked people who have bought their games from resellers because resellers have used codes bought using stolen CC's. Something is telling me that we have same thing here, but I do not want to accuse anyone.
I have tried to get in contact with @xoxo on qq but so far there have been no replies.....
Why don't you people Email AlphaSSL Directly ??
xoxo's last appearance on v2ex was 45 days ago. But I believe he just changed account and still stays on v2ex and LET.
I am a Chinese and I want to say...
It seems that he hacked into one of a reseller's system.
I've just asked AlphaSSL for a statement - I'll post the reply here as soon as I've got one.
Shocking.
Would like to know which "reseller" exactly.
Sigh... hmph
I'm also wondering.
xoxo has been giving away free cert in Chinese forums since Jan 2014.
https://v2ex.com/t/95769
He claimed to have sold 1024 certs on 2014/10/24. So let's assume he has sold 8k alphassl and 1k globalsignssl so far. Also assume that reseller's bulk price is U$10 for alphassl and U$40 for globalsign, then that reseller has suffered U$120k loss. Such thing lasted for one year without being noticed...
Or, more reasonably, the hacked reseller is a buddy with globalsign who can issue unlimited certs (both alphassl and globalsign ssl) or its main sub-reseller (because small resellers only have alphassl). Then who is that reseller?
@BAKA
Very aptly put! This doesn't seem like a hack scenario. There is more than meets the eye.