This article is more than 1 year old

Shamed TLS/SSL cert authority StartCom to shut up shop

Chairman tells El Reg nobody will even notice its passing

Controversial certificate authority StartCom is going out of business.

Startcom board chairman Xiaosheng Tan told The Register the business will close its doors on January 1, 2018, at which point new certificates will no longer be issued.

CRL and OCSP service will continue for two years from then, when StartCom's three key root pairs will end.

Startcom and Wosign certificates have been put on untrusted lists by the big browser firms including Mozilla, Apple, Google and Microsoft.

Tan said the closing of certificates "would not have a major impact" because "the major browsers" already don't trust StartCom certificates, and the two-year roll-out should "limit" any disturbance to certificate owners.

He was unable to provide an estimate of the number of websites that currently use StartCom certificates, but said they are global.

According to, about 0.1 per cent of all websites use StartCom as an SSL certificate authority.

The Register had, er, some difficulty accessing StartCom's website due to a certificate warning from some of the web browsers we tried. ®

More about


Send us news

Other stories you might like