Bought licence but is shown as Not Applied

My domain is:myqnapcloud.com

I bought a license for 3 Years but it is shown as not applied.
Within the TS464 the lets Encrypt SSL licenece is active but looks like a diffenent Licence ?

If I release and try to connect based on my Email the Domain Name is different to the one above .
I formally used the licence for the TS419P but now shall be used for the TBS464.
I do not understand what to do ? All system on TBS are running "green"
Do I need this licence at All ?

Best Regards Timo

I'm not a fan of clicking on external links, but I'd like to mention that Let's Encrypt ONLY offers automated issuance of FREE certificates using the ACME protocol and DOES NOT offer a license of any kind.

6 Likes

Thank you so much Osiris --- I paid to QNAP ... true - so please can you tell me though why I did buy this SSL License ? What is the benefit if I can have the Lets Encrypt one for free.

1 Like

No clue. Please ask QNAP about that.

Sometimes companies ask money for the development of the software which they've build to interact with the ACME servers. Most companies though offer it for free.
It's also allowed to ask for money for free certificates :man_shrugging: But IMO that should be frowned upon.

4 Likes

I don't think that's actually allowed. Charging for support for LE certificates is fine, but I believe that charging for LE certificates themselves is a violation, especially since LE owns the certificates it generates.

3 Likes

I thought I read in a recent thread that it's not prohibited to ask for money for a Let's Encrypt certificate issuance. Which words you use to make it legally sound is IMO less important. Ownership or issuance, the net effect is the same :slight_smile:

Edit:
Hm, I think I had Could Let's Encrypt be used for commercial purpose? in my head, but that doesn't make it very clear.

Point is, you could ask money for a one-time issuance without a change of ownership.. And again for a second one. Are you then charging for the certificate itself? Or for the "support", even if you charge per certificate? You might be able to legally justify this per certificate cost in that customers issuing more certificates should also pay more than customers NOT using certificates. Sounds fair, right? :stuck_out_tongue:

1 Like

When looking for something explicit about charging for certificates in the current subscriber agreement, all I noticed was this:

...

3.6 Installation and Use of Your Certificate

You may reproduce and distribute Your Certificate on a nonexclusive and royalty-free basis, provided that it is reproduced and distributed in full and in compliance with this Agreement. You warrant to ISRG and the public-at-large, and You agree, that You will install Your Certificate only on servers that are accessible at the subjectAltName(s) listed in Your Certificate, and that you will use Your Certificate solely in compliance with all applicable laws and solely in accordance with this Agreement. Your Certificate will remain the property of ISRG, subject to Your right to use it as set forth in this Agreement.

...

2 Likes

It's a gray area for sure, but distinguishment is critical and, as they say, "possession is 9/10 of the law".

1 Like

Hm, does "royalty-free basis" not mean you are not allowed to charge money for the reproduction and/or distribution of the certificate?

1 Like

I think it's actually saying that you don't need to pay Let's Encrypt for each time you distribute the certificate somewhere. I could be very wrong, though.

4 Likes

That's also certainly a possibility. I'm not a lawyer, so I dunno :man_shrugging:t2:

1 Like

I am ISRG's general counsel -- thanks for the question, Tiage. Without getting too deep in the weeds, I hope these are helpful points: The Let’s Encrypt subscriber agreement grants a license to use the certificate, but not ownership of it. The subscriber agreement also permits distribution of the certificate. Consistent with Let's Encrypt's mission to provide free SSL/TLS certificates to promote secure communication over the internet, the agreement permits subscribers to distribute certificates without charge. Subscribers are, of course, free to charge for services that assist with obtaining and managing a Let’s Encrypt certificate.

8 Likes

Which I recon could also be a "per certificate" fee?

It could very well be calculated as such, although anyone with sufficiently risk averse legal counsel would probably be very careful with how the description of the charge was phrased.

4 Likes

I do not believe you need this license. I also believe your issues are entirely with Qnap's customer support, but you may find luck on workarounds on a Qnap forum or StackExchange.

Without reading too deep into the product offering, it appears that Qnap sells a 3 year license during which they will automate procuring and deploying a certificate onto your hardware device. That certificate might come from LetsEncrypt or someone else - I have no idea. Certificates currently have a max lifetime of 397 days, and many ACME CAs (like LetsEncrypt) limit to 90 days, so your fee likely covers continually updating the certs over the subscription period.

The certificate is probably only needed for offsite/cloud access, which will use https - everything on your local network likely happens via other services that do not need the certificate.

You may have options to handle certificate installation for free from a publicly trusted CA all by yourself, or just using a self-signed certificate that you/colleagues trust. StackExchange and hardware/user sites dedicated to Qnap would be the best place for you to look for help on that.

3 Likes

Thanks for the confirmation, @kberdan! :slightly_smiling_face:

3 Likes