Answer the question
In order to leave comments, you need to log in
What will happen to the SSL certificate after the domain is released?
1. I registered a new domain that was recently released by someone. How can I be sure, other than pinning, that the old owner doesn't have a private key certificate for my domain? Wait 3 years?
2. If I vacated the domain myself, is it legal to trade an SSL certificate with a private key that I managed to get before the end of the domain? (meaning trade in a certificate from someone else's domain)
Answer the question
In order to leave comments, you need to log in
1. You can search for a certificate for your domain here .
2. Read the conditions under which you bought it. It may be written there that it is not allowed.
On the part of the legislation, it is most likely prohibited to obtain unauthorized access to someone else's information, which can be implemented using a private key from a domain that does not belong to you.
Nothing. The certificate is not tied to the domain registration.
1: Even if he has it, then you manage the domain and there is nowhere to apply his certificate to him.
2: You cannot trade any SSL certificates, since you are not an authorized certification authority
The fact that you still have a key and a certificate from some domain does not mean at all that this is a liquid product. :)
PS: In general, you should start by understanding what SSL certificates are, what they are for and how they work. Since your questions clearly indicate that you do not understand this, otherwise you would not have such questions.
To EvgeniyKonstantinov :
1. Well, with this approach, you can generally put your certificate on the network and say "Anyway, they have nowhere to use it." Or disable https altogether and say "Anyway, my IP is registered in DNS." What if I opened a bank and the old owner posts my certificate?
2. I'm talking about a certificate from this domain.
“It doesn’t mean at all that this is a liquid product” - it’s not about the cost, but is it a violation of the law, for example, in the Russian Federation?
> that the old owner does not have a certificate for my domain
Check with crt.sh
> is it legal to sell an SSL certificate
Legal, but pointless. The meaning of SSL is precisely that the private key does not get to anyone (by the way, the private key should not get to the certifier either).
Selling a certificate from someone else's domain to a non-owner of this domain is not legal. That is, this is not directly prohibited, but if something happens, you will go as an accomplice.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question