March 30, 2021

A way to get Certificates from a leading CA for free, should i let them know?

Okay, so i have found a way through their API/System to get a fully functional SSL Certificate issued for free without any cost.

I have asked them if they have a bug bounty program, and said I have a few bugs any issues i can report. They were not very interested.

I even mentioned that i think i found a way to get SSL certs issues for free from them, without me paying anything. And they again did not seem interested at all.

This is all through the most used CA.

Yes you can get free SSLs through CAs like lets encrypt, but this is a CA that charges for their full term ( 1 year + ) SSL Certificates.

I have been spending my time/money working on their system for a while now, and have offered to provide details of issues with it. But they dont seem very interested in details at all.

Should i just let the public know? or just ignore it and move on.

( i just noticed my title asks, if i should let them know, when i already have (without interest by them ), sorry )

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.