valicert

Be­cause of var­ied rea­son­s, I have spent a lit­tle time in my life look­ing at SSL cer­tifi­cates. I have spent time cre­at­ing, sign­ing, con­fig­ur­ing, buy­ing, de­ploy­ing and val­i­dat­ing them. I have hard­ly ev­er seen some­thing like Val­icert, though.

So, a us­er has a SSL er­ror, and there ap­pears a cer­tifi­cate that has noth­ing to do with­ the site he’s sup­posed to be ac­cess­ing. It’s marked as in­valid (n­ev­er­mind) and is from a CA I have nev­er heard of, called Val­icert.

It seems to be a valid CA, its cer­tifi­cates most­ly val­i­date, etc, but some­thing is fishy (be­sides the fact that there is a freak­ing Val­icert cer­tifi­cate where there should not be one and I have no idea why).

It seems Val­icert is or was owned by Go­Dad­dy, which should al­ready be a prob­lem, but it gets worse. The URL for the CA? val­icert.­com which is not ­con­fig­ured as a site. Then I try www.­val­icert.­com which ­does ex­ist but is not about a CA but about AxWay, a “Busi­ness In­ter­ac­tion Net­works com­pa­ny”.

It con­tains nuggets like “What can our cloud-based com­mu­ni­ty man­age­ment so­lu­tion do for y­our bot­tom line?” and “Is your file trans­fer sys­tem vis­i­bil­i­ty-im­paired?” and “Our award-win­ning prod­uct­s, so­lu­tions and ser­vices en­able the busi­ness-­crit­i­cal ­trans­ac­tions re­quired to ac­cel­er­ate per­for­mance with­in and among en­ter­pris­es – while pro­vid­ing man­age­men­t, se­cu­ri­ty and gov­er­nance on in­ter­ac­tions through­out busi­ness net­work­s.”

And then I had the (bad) idea to try http­s://www.­val­icert.­com … a pic­ture should be enough:

http://lateral.netmanagers.com.ar/galleries/random/valicert.thumbnail.png

AxWay, you are lame.

These bo­zos, this com­pa­ny that dares of­fer file trans­fer what­nots and has “award win­ning prod­uct­s”… has a self­-signed cer­tifi­cate, that ex­pired in 2010, for lo­cal­host freak­ing lo­cal­do­main in their pub­lic web­serv­er.

So, I am guess­ing Val­icert does­n’t ex­ist any­more, go­dad­dy kept the CA alive un­til al­l certs ex­pire and for some rea­son AxWay is a bunch of in­com­pe­tents who bought the do­main (but why???) and re­al­ly, trust­ing CAs is get­ting hard­er each day.

Comments

Comments powered by Disqus
Contents © 2000-2013 Roberto Alsina
Share