Premium transfer from the competition can be used for WoSign a StartCom as well
(10. 11. 2016) You can also make use of the popular premium transfer from a competing CA for the WoSign and StartCom certification authorities, which have recently been included in the programme. The benefits have now also been added for Wildcard certificates.
Customers who are replacing a certificate issued by a Competitor (see list below) and ordering a qualifying certificate (all except EV) will receive up to 12 additional months added to their new certificate free of charge and a 20% discount. The additional free months will be equal to the time remaining on the competitor's certificate. We call this a Competitive Upgrade.
For example you have 11 months remaining on a Startcom certificate. You purchase a QuickSSL Premium 1 Year certificate. You will be issued with a certificate valid for 23 months.
Transfer your certificate from a competitor with benefits
SSLmarket and Symantec have been offering the possibility to change the certification authority with better conditions over a long period. You will get the remaining validity and a 20% discount on a new certificate. You can change the supplier of your SSL certificate if you have one of the following competing certification authorities.
List of certificate authorities eligible for competitive upggrade:
In the last step of an SSL certificate order, it is enough to choose the name of a competing CA in the Transfer to Another Certification Authority section. Before the discount is applied, the presence of this CA will be checked on the website.
You can find more information and conditions of this special offer on the page Competitive upgrade page.
CAs which have problems with trust and will be excluded from root certificates lists
WoSign certification authority (owning StartCom) is facing security issues and is losing credibility in the certificates business. The acquisition of StartCom CA was not transparent and users were informed after the discovery of several security incidents. Browser and OS manufacturers decided to take action and stop trusting WoSign and Startcom.
Chinese authorities have trust issues
The WoSign certification authority (StartCom's owners) has had issues with business credibility in the recent months. Users were not informed about the acquisition of StartCom CA and after several security incidents, browser producers considered making it untrustworthy. In the end, they decided on a compromise, which will not affect the certificates which had already been issued.
The WoSign and StartCom certificates issued after 21/10/2016 are not trustworthy in Chrome, Firefox or Apple systems. The Chinese CA mentioned are teetering on the edge of complete exclusion from the list of root certificate authorities, which would happen in the case of further wrongdoing.
- Mozilla Security Blog: Distrusting New WoSign and StartCom Certificates
- Google Security Blog: Distrusting WoSign and StartCom Certificates
- Apple: Lists of available trusted root certificates in iOS