Force to pay for let's encrypt certificate

Hello,

I'm really frustrated how redcart.pl is using Lets Encrypt. They forcing customers to pay for certificate instalation, and its 15 zł monthly (3euro)

This payment is not for using their software, its only for certificate.

Is it fair what they doing and what can be done to stop it ?

Regards.

It's unfair, yes. It doesn't look like it violates the subscriber agreement, tho.

You should find another hosting provider.

3 Likes

Some might find it unfair indeed. However, it's not unheared for hosting providers to ask for a certain amount for free Let's Encrypt certificates. One might argue the addition of the free LE certificates as a service costs money for the hosting provider, e.g. increased work for the IT staff, questions to the customer relations et cetera.

That said, there are many hosting providers not asking for extra money.

Personally, I'd say every hosting provider should provide free (Let's Encrypt or other free CA) certificates for every user, so asking money specifically for this service should not be done. Instead, a hosting provider should consider increasing the fee for every user making use of this service if necessary at all. I.e.: every shared hosting user. And not making it opt-in and requesting a separate fee.

You can find a table of hosting providers offering Let's Encrypt or not at the Certbot site:

5 Likes

Hi, its not a hosting provider, its a company selling web store software, and its not that easy to change them :frowning: We pay them for this software, and an additional cost is for certificate :frowning:

If that company is not the hosting provider, can the hosting provider provide a free certificate?

Or is it a "black box" and closed-source software system installed on a VPS or something like that?

We'd need more info to say anything meaningful about your situation.

5 Likes

I'm not sure what will happen you attach cloudflare with flexible mode in front of it (it's not really end-to-end, but your client will see the green lock)

if it were hosted on your server how about left it as http and attach a reverse proxy with https in front or it? like caddy or nginx.
https://redcart.pl doesn't have selfhost option, so this doesn't apply
keep mind there is another e-shop frontend company , redcart.com, which is unrelated

4 Likes

Yep, its closed software only with CMS access, so my domain is only an IP forward on DNS.

And its all on their servers.

So they are the hosting provider :wink:

Although I can understand it's impossible to switch if the software can only be used on their servers.

4 Likes

It may or may not be "fair", but it's legal.

Vote with your feet--use less-hostile software/hosting.

6 Likes

I mean, it can be difficult and require some work, but it should be (legally) possible in Poland (and the rest of the EU):

Although, article 1 might be a problem, as it looks like it restricts those rights to "natural persons"

2 Likes

Most times, SAAS/PAAS (Software as a Service/Platform as a Service) do this because they sell a SSL Certificate themselves. Sometimes those options are actually cheaper.

If I were you, I would ask their support why they are charging an extra 15/3 per month for SSL - which is essentially required for SEO and any transactions. I would also look for other providers.

4 Likes