--- author: '' category: '' date: 2012/05/03 10:20 description: '' link: '' priority: '' slug: valicert tags: '' title: valicert type: text updated: 2012/05/03 10:20 url_type: '' --- Because of varied reasons, I have spent a little time in my life looking at SSL certificates. I have spent time creating, signing, configuring, buying, deploying and validating them. I have hardly ever seen something like Valicert, though. So, a user has a SSL error, and there appears a certificate that has nothing to do with the site he's supposed to be accessing. It's marked as invalid (nevermind) and is from a CA I have never heard of, called Valicert. It seems to be a valid CA, its certificates mostly validate, etc, but something is fishy (besides the fact that there is a freaking Valicert certificate where there should not be one and I have no idea why). It seems Valicert is or was owned by GoDaddy, which should already be a problem, but it gets worse. The URL for the CA? `valicert.com `_ which is not configured as a site. Then I try `www.valicert.com `_ which does exist but is not about a CA but about AxWay, a "Business Interaction Networks company". It contains nuggets like "What can our cloud-based community management solution do for your bottom line?" and "Is your file transfer system visibility-impaired?" and "Our award-winning products, solutions and services enable the business-critical transactions required to accelerate performance within and among enterprises – while providing management, security and governance on interactions throughout business networks." And then I had the (bad) idea to try https://www.valicert.com ... a picture should be enough: .. figure:: //ralsina.me/galleries/random/valicert.thumbnail.png :target: //ralsina.me/galleries/random/valicert.png AxWay, you are lame. These bozos, this company that dares offer file transfer whatnots and has "award winning products"... has a self-signed certificate, that expired in 2010, for localhost freaking localdomain in their public webserver. So, I am guessing Valicert doesn't exist anymore, godaddy kept the CA alive until all certs expire and for some reason AxWay is a bunch of incompetents who bought the domain (but why???) and really, trusting CAs is getting harder each day.