"StartCom temination announcement"
Bis zum Umzug meines Blogs auf neue Hardware stammte das SSL-Zertifikat für das Blog von StartCom, einem Tochterunternehmen von WoSign (wobei der Erwerb offenbar verdeckt durch Hinterleute erfolgte). Die Konzernmutter fiel jedenfalls 2016 durch … unschöne Praktiken bei der Erstellung von Zertifikaten auf, mit der Folge, dass Apple, Google (Chrome) und Mozilla (Firefox) allen Zertifikaten der Mutter- wie der Tochterfirmen sukzessive das Vertrauen entzogen.
Das hat dem Unternehmen offenbar das Genick gebrochen, wie ich einer E-Mail entnehme, die mich am vergangenen Samstag erreichte:
This is an automatically generated email, please do not reply.
Dear customer,
As you are surely aware, the browser makers distrusted StartCom around a year ago and therefore all the end entity certificates newly issued by StartCom are not trusted by default in browsers.
The browsers imposed some conditions in order for the certificates to be re-accepted. While StartCom believes that these conditions have been met, it appears there are still certain difficulties forthcoming. Considering this situation, the owners of StartCom have decided to terminate the company as a Certification Authority as mentioned in Startcom’s website.
StartCom will stop issuing new certificates starting from January 1st, 2018 and will provide only CRL and OCSP services for two more years.
StartCom would like to thank you for your support during this difficult time.
[…]
Please let us know if you need any further assistance with the transition process. We deeply apologize for any inconveniences that this may cause.
Best regards,
StartCom Certification Authority
Tscha. Gut, dass es Let’s Encrypt gibt.
Kommentare
Ansicht der Kommentare: Linear | Verschachtelt