I have used GoDaddy for some years to buy domain names. For SSL certificates, I have been buying from another SSL provider, because GoDaddy wasn’t anywhere near as cheap. But with recent GoDaddy promotions to slash their SSL certificate pricing, I thought I’d give it a try. Now, I am so utterly disappointed with GoDaddy. What should have been a quick and painless process that takes no more than a few minutes has now dragged on for some 20 hours and a bunch of exchanges with GoDaddy’s technical support.
Buying an entry level SSL certificate should be a very simple process. The verification and authorization steps can all be automated, and should only take a few minutes at most. That’s how the other SSL certification authority I’ve been using works. I just cannot understand why GoDaddy makes it so complicated. Not only is it not automated, they seem to present silly stumbling blocks that messes up the verification.
What is wrong with GoDaddy?
- They insist on consulting the WHOIS database. But what if you are getting an SSL certificate for a domain name from a delegated zone of another name that is registered in WHOIS?
- Have they considered that the WHOIS contact people might not necessarily be the same fellows wanting to operate the SSL service? Different department? Outsourced to a different company? Or you’re trying to do this for your client, who is a branch of a big MNC?
- So GoDaddy provides some alternatives. Plant a domain verification code in the DNS domain, or plant it on the website. I’ve done both. Verification still failed.
- Apparently when the verification is stuck in some state, their technical support can’t get you out of it, or override and do some kind of manual fixup. The solution is to cancel the SSL certificate signing request and restart a new one.
- I seek help again about the domain verification code that I have planted, because from checking my network traffic, I am absolutely certain GoDaddy isn’t even attempting verification. Can you believe it, but their technical support tells me they can’t see my Domain Verification Code from their system, therefore I need to forward to them the email their system had sent me. What kind of verification is this? Then I can forward an edited email eh?
Well it is now about 20 hours since I started. What should have taken only about 5 minutes has dragged for so long, and involved so much technical support. Another gripe, though not a major issue, is that the screens that their technical support describe that I should click through doesn’t even match up with what their website actually shows me. I am able to figure out my way on my own, fortunately. But I can’t figure out how to get their verification to work.
I think this is just so thoroughly disappointing that a simple process of getting an SSL certificate from a well respected Internet name company is so broken.
What’s your other SSL cert provider?
I usually buy from EV1Servers, which is now theplanet.com. They are a reseller for RapidSSL, and cheaper than getting directly from RapidSSL. 🙂
Just to follow-up. GoDaddy has responded to my complaint. Basically their policy on SSL domain verification method does not meet my needs, and they have agreed to cancel my purchase. I’m just happy to feel that I am heard and finally given some attention on the difficulties I faced.
I guess I’ll still continue to buy domain names from GoDaddy, though for SSL certs, their domain verification methods will probably not work for me.
Not sure if you still need it. I get my certs from Comodo. Simple process to apply and get your certs in less than an hour. Most importantly, cheap enough for personal usage. Only catch is that they are not a root level CA, so you gotta do some extra stuff with your webserver when you install the cert but nonetheless, still trivial. 🙂
i have several websites hosted at Godaddy and i am pretty much satisfied with this domain name registrar. it is also very easy to get coupon codes for Godaddy.
you are absolutely true, I have same problem as what you encountered. For me just to renew the SSL certificate and i’m stock to 50% progress, still need to verified the DNS I called-up the tech support and they cannot do anything giving me some solution to call the dns provider to add a txt record which I have done too. and call them up again but they said they still cannot verified because the dns name cannot found in whois, my customer public domain name registered from a different delegated zone, that is why it cannot found on WHOIS. so now I’M stock and my client 550 users cannot use MS outlook and mobile email because of the expired certificate.
Imagine I’ve been using their godaddy SSL certificate for two years now is expired and still need to process the same procedure as buying a new certificate. Godaddy is realy a pain and I’m not going to recommend this to our customer. I have few customer using digicert and when it comes to renewal it took 2 minutes only and my certificate are available for download.
Additional SSL stands for protected socket layer.