GoDaddy: Just slightly better than 419 scammers

Just got email from GoDaddy saying my SSL cert is "up for renewal in 30 days". Where by "30" they meant "365".

They do the fire extinguisher scam and try to get you to renew far earlier than you need to in order to keep your money trapped in their "service".

REMINDER: Renew early for multiple years and lock in your savings!

This is a courtesy notification to inform you that your SSL Certificate is coming up for renewal in 30 days for the following:

Stay klassy, GoDaddy. I'd expect nothing less.

Next time I'll go with DigiNotar, I've been hearing good things.

Tags: , , , ,

18 Responses:

  1. MattyJ says:

    Yahoo/Flickr did this same thing to me. I bought 2 years worth and I got a renewal notice in 12 months. I don't even know why I'm still on Flickr.

  2. Network Solutions does the same with domains. I was too lazy to change for a long time even though they also expensive. Now I am gone though.

  3. Injector says:

    I know you're joking about DigiNotar. Did you see that the recent Firefox 6 update was basically just to remove their root cert?

    • jwz says:

      There's this invention we have called links. You can click them.

      • Injector says:

        That article is about them issuing some crap certs, which were detected by Chrome when visiting a Google site. It doesn't mention that the Firefox update invalidates all certs issued by them, not just the bad ones (provided they issued any real certificates in the first place).

        But yeah...

  4. FWIW, (tucows/opensrs' in-house consumer registrar) has been doing pretty well by me so far. Their interface is a little over-ajaxy for my taste, but they don't try to upsell me on anything and once you've established an account you can basically email them saying things like "please register these three domains" or "please unlock these" and they just do it. (I doubt they can completely save anyone from the horror of SSL cert "verification", since that's baked into the process from Verisign on down.)

  5. fantasygoat says:

    Their price on certificates is the best I've seen but my god I hate using their website. It's like they hired porn web designers.

    • John says:

      Well, we use godaddy at work for exactly that reason. For my home stuff I use since they offer free certs (though they charge a "handling fee" for revocation and they charge for EV certs). Dunno if I'd use them in production, but for my own little webserver they work just fine.

    • Elusis says:

      Given their commercials, you were expecting what exactly? Amazon?

  6. Huey says:

    I think their new slogan should be GoDaddy: only slightly worse than the Ukranians (see 2nd to last page)

    • Nick Lamb says:

      Seems like Viagra site people choose Go Daddy because it's cheap (it is) and Go Daddy are being reasonably responsive in obeying law enforcement requests / TOU violation requests to shut such sites down. If that report said Go Daddy had a much higher (rather than much lower) proportion of working Viagra sites out of the sites that are registered with them I might care more.

      The $10 000 "bulk whois" versus EU data protection law thing is much more interesting in my line of work, and I hope they chase that up. My guess is that ICANN will just have to get rid of that clause, but we shall see.

  7. Ingmar says:

    I thought GoDaddy was only for people with a address. Who insist on using IE6, because it's the standard. And design neon coloured websites for their friends in Word. Surely jwz must know about

    But then that whole SSL certificate business is basically one big scam anyways.

  8. Elusis says:

    1-800-CONTACTS does the same thing. I buy a year's worth of contacts from them, and two months later they start offering to sell me more.

  9. DFB says:

    DNSSEC is hugely more important than ipv6, but for some reason the sysadmin community can't get off it's collective ass and upgrade. Perhaps a rant would help.

    • Nick Lamb says:

      I don't think the two are really comparable. For DNSSEC the gradual approach is a real option. The only non-negotiable phase (signing the root) is done, and from there anybody can secure whatever things they care about. For IPv6 it's all non-negotiable, the job was very much not finished when we dismantled the 6bone and announced production deployment. Short-sighted people at ISPs have to agree to spend millions of dollars to avoid a catastrophe they won't understand until it's too late. Good luck to us all.

      To use analogies, DNSSEC is pandemic flu vaccine, IPv6 is CO2 emission controls. You can go out tomorrow and pay for your own flu shot. But a personal decision to cut CO2 emissions buys you nothing in the face of China's coal power stations.

  10. I Love Nyms says:

    They also happily assign all of your certs to autorenew (early, of course). This means that if you allow them to autorenew instead of going through the annoying interface to turn autorenew off, you pay full price, instead of paying the usual discount rate.

  11. Isaac says:

    DreamHost, $15 1/year certs. Pretty good deal.