Jan Kubr

Posts Tagged ‘ssl’

What business is GoDaddy in

In Uncategorized on November 25, 2007 at 19:21

I got the refund from GoDaddy on Friday after I had to ask for it having had a horrible experience with them. That is when it appeared on my account, they sent it actually a few days earlier already. It surprised me how responsive they were after I asked for the refund. When I was trying to buy something from them, it could take them many hours to get back to me with a simple request. But the whole refund thing was done within a few hours (two, three I believe).

Then I got it. GoDaddy is in the business of giving refunds, not selling certificates, right?

I went to RapidSSL then and it seemed to be all good (no humans, automatic processes), but then there was a phone call which was supposed to verify my number is valid (reasonable) and record me saying my name (eh??). Well and that didn’t go all that well, their system didn’t receive what I was typing on my cell phone and two other calls where disconnected before I got to anything. Now I need to wait till tomorrow to receive a call from a human. Yikes!

Buying certificates at GoDaddy is a nightmare

In Uncategorized on November 19, 2007 at 20:03

Long time ago I decided paying users of Flempo will have their communication with the server encrypted. This means no one along the way can “sniff” their teams’ data. I’m sure you know it from many sites, it’s when the address bar turns yellow, the address is prefixed with https instead of http and somewhere in the browser a lock icon is displayed.

In addition to that, it is also used to make sure you are working with the real flempo.com and not with any other (spoofed) site that pretends to be Flempo. How does that work? Well you go to a certificate authority and that will issue you a certificate which then other parties (especially Internet browser vendors) trust. The certificate authority will make sure flempo.com is yours and provide you with a file that you upload to your server. If the browser “finds” (in a way) this signed file on your server, it knows it talks to the real flempo.com

So far so good. Now there have been quite a few problems in my case. Flempo is using both flempo.cz and flempo.com addresses, but only one server at the moment. But it turned out you can’t use two certificates for one IP address. I solved that by redirecting everyone who has the paid features to flempo.com, even if she started on flempo.cz. That turned out to be a bit more difficult than I thought because the browser will provide you with a new session when you change the domain – basically all the information kept about you between requests is lost. Was quite a hassle, but it should work now.

Then I wanted to actually buy the certificate. I went to GoDaddy because they seem the cheapest. Their certificates are compatible with all the major browsers, so I said, what the heck, that’s good enough. Because if you look at the prices, they’re quite ridiculous. A wildcard certificate would be really nice (that would work for http://www.flempo.com, anything.flempo.com and not only for flempo.com), but $300 a year? For what, exactly?? (It’s not that I can’t afford it, but Flempo can’t afford it because it doesn’t generate any revenue. And the prize compared to what I get is crazy).

Then you try to buy it there and find out the site is the most confusing ever, you need to create two accounts, they accept PayPal, but with some strange conditions I’ve never seen, they don’t accept credit cards in the usual way, the URLs are uglier than the ugliest dog in the world..

Then they want you to send them a scan of your passport (I can understand that) and a bank statement (why??), but you HAVE TO black out all the account numbers on it. Then they tell you your registrator doesn’t publish your e-mail address in the WHOIS database and you go there yourself and see it right there, so you tell them that.

And then you wait for I don’t know what, which is what I’m doing right now. And I chose them also because it was supposed to be finished in two hours.. Maybe going to Verisign would have been better? Maybe not.

Fortunately there are activities such as Cacert that promise to bring an alternative. I will keep an eye on this.


I just got an e-mail from GoDaddy:

I apologize for the inconvenience, however there was a problem in the issuance of your certificate. Your previous certificate application was denied and will need to be resubmitted. Please follow the instructions below to resubmit your application:

and continues a seven step process how to reset my application to be able to go through the process again. Will this ever end?


And then they wanted the passport again and said the bank statement doesn’t mention my address, but it has to.
They don’t know it’s 2007 already. I hope I can get a refund and go to RapidSSL which I should have gone to at the first place.


I photoshoped the statement to show my address, but they say it doesn’t say the account type in English. Well, it is a Czech bank, jerks! Canceled my request, asked for a refund, and will go to RapidSSL. This is not funny anymore.