Skip to Content [alt-c]


In reply to Renewing an SSL Certificate Without Even Logging in to My Server

Reader Gary Mort on 2015-05-05 at 16:18:

Interesting and very neat...of course this completely violates the terms of issuing EV Certificates. EV Certificates assure that a human being actually checks and verifies the information - by automating that process SSLMate instead only "verifies the information by a human being" once - when the certificate is first issued. So SSLMate EV certificates offer a false sense of security to end users.

I'm sorry to sound so critical, honestly it's not you specifically - early every security "professional" falls into this well worn trap - they spend time obsessing over little intricate details but completely ignore the human element of security. It is a well designed sandbox to play with security, but it should not be used in the real world.


Post a Reply

Your comment will be public. To contact me privately, email me. Please keep your comment polite, on-topic, and comprehensible. Your comment may be held for moderation before being published.

(Optional; will be published)

(Optional; will not be published)

(Optional; will be published)

  • Blank lines separate paragraphs.
  • Lines starting with > are indented as block quotes.
  • Lines starting with two spaces are reproduced verbatim (good for code).
  • Text surrounded by *asterisks* is italicized.
  • Text surrounded by `back ticks` is monospaced.
  • URLs are turned into links.
  • Use the Preview button to check your formatting.