Followup to Sectigo Code Signing Certificate Problems
My 3 year certificate was about to expire, and Sectigo was running a sale, so (perhaps against my better judgment) I decided to renew with them rather than finding another company. The price was $888/3 years.
Problems started immediately:
- the “renew now” link in the email let to INTERNAL SERVER ERROR. Sigh.
- after contacting sales, the salesperson said they could renew it for me over email and charge my credit card. Convenient, but this suggests a pretty lax attitude to security.
- after the payment went through, I had to re-validate myself and my company again. I don’t know if this is required for all certificates, or just something Sectigo makes you do. I had to provide business documentation, validate over email and a published phone #, and send a selfie with me and my drivers license
- after a few days, it was all validated
- the email announced that I’d be receiving a physical token.
- The UPS “track delivery” link in the email has no tracking number.
- the tracking number was in the email, but has “__” characters on both sides, so if you double-click to copy and paste on UPS, it fails
- After finally getting the tracking info from UPS, it shows the device is being mailed from Canada. I’m in the USA. I’m guessing this will not be quick.
I’ll update once I have the dongle and figure out how to use it.
Edit to add:
- of note, so far, nowhere in this process did I have to create a CSR (Certificate Signing Request) which was something I struggled with last time. Does the dongle mean I don’t need to do that?
8 posts - 2 participants