Skip to Content [alt-c]

Andrew Ayer


Renewing an SSL Certificate Without Even Logging in to My Server

Comment by Reader Gary Mort

This comment is owned by whoever posted it. I am not responsible for it in any way.

Interesting and very neat...of course this completely violates the terms of issuing EV Certificates. EV Certificates assure that a human being actually checks and verifies the information - by automating that process SSLMate instead only "verifies the information by a human being" once - when the certificate is first issued. So SSLMate EV certificates offer a false sense of security to end users.

I'm sorry to sound so critical, honestly it's not you specifically - early every security "professional" falls into this well worn trap - they spend time obsessing over little intricate details but completely ignore the human element of security. It is a well designed sandbox to play with security, but it should not be used in the real world.

| Posted on 2015-05-05 at 16:18:52 UTC by Reader Gary Mort | Reply to This

Post a Reply

Your comment will be public. If you would like to contact me privately, please email me. Please keep your comment on-topic, polite, and comprehensible. Use the "Preview" button to make sure your comment is properly formatted. Name and email address are optional. If you specify an email address it will be kept confidential.

Post Comment

(Optional; will be published)

(Optional; will not be published)

(Optional; will be published)

  • Blank lines separate paragraphs.
  • Lines starting with ">" are indented as block quotes.
  • Lines starting with two spaces are reproduced verbatim.
  • Text surrounded by *asterisks* is italicized.
  • Text surrounded by `back ticks` is monospaced.
  • URLs are turned into links.