Please check authenticity of businesses before giving security to Fraud Companies

Please don't encourage fraud business "". Providing SSL layer security to fraud business like these makes us re-think of where we are going as a community. Please verify before giving your services.

A very kind and humble request to take action for this matter. Fraud website:


Please have a look at:

which also links to this longer post:


Thanks for the reply. Hope this guides me to take the mentioned fraud site down.


The place to report fraudulent sites is to the site's internet provider or registrar. All that Certificate Authorities like Let's Encrypt do is ensure that when you're talking to a domain name, you're actually talking to somebody who controls that domain name. It doesn't claim anything about whether the entity that controls that domain name is being naughty or nice.


I have had good luck e-mailing the registrar and hosting provider, Goaddy once took a site down and seized the domain within an hour. They are much better equipped to handle these issues than Let's Encrypt.


Trying my luck with the registrar. Came here all frustrated now have a structured way to go about this problem.

Thanks for all the answers.


Obviously absence of chain of trust here. So many SCAM sites using Let's Encrypt issued SSL cert. Hope you find a solution to this.

Obviously not. And obviously you haven't read the posts in this thread before replying? A DV certificate such as Let's Encrypt issues does not guarantee anything about the contents of a certain site. Any assumption otherwise is a mistake of the person making that assumption.


Really, no cert does--even an EV cert, at best, only guarantees the identity of the organization operating the site. I guess it's possible that a kind of cert could be created that would involve the CA's control over, or validation of, the site's contents--but it doesn't exist today.

Obviously ignorance of what "chain of trust" means here. Recommend you correct that.

The solution is, "ignorant users become less ignorant." An SSL cert has never said anything about the good will of the site operators or the contents of the site. That many people apparently believe otherwise is their problem, and should be corrected sooner rater than later.


Unfortunately it is not possible to find solution by Let's Encrypt. Here you may find explanation why it is not feasible, and where to look for help if you are concerned about SCAM sites:





Third time is the charm!


I fourth that. :face_with_monocle:


Chain of Trust ??? Really ??? Chain of Trust - Let's Encrypt

I hope you are not saying you can TRUST the domain, website or URL.... BUT not its contents. Don't you think is hilarious? For internet users, can they tell the difference? You are doing them a de-service.

Censorship? Thought only in a communist country? Which part do you think is not right?

If you were thinking anything more than above — you were misled by marketing people and whatnot.


That's exactly the purpose of TLS certificates indeed.

Probably not, but is that the fault of Certificate Authorities? Maybe browsers. Maybe the internet users shouldn't make assumptions.

I've also removed the latter part of your post.

If you send your credit card data through a valid TLS connection, the only thing you can be sure of that your CC wasn't seen within transit to the scammers/phishing site :wink:


Well, you can't say there is Chain of Trust - Let's Encrypt but when there is an issue, you are saying... Hah! No, we are only providing you the mean for a private conversation.

"If you send your credit card data through a valid TLS connection, the only thing you can be sure of that your CC wasn't seen within transit to the scammers/phishing site :wink:"

LOL...Very funny..What about the MONEY being scammed? :joy:

I'm not sure why you're quoting that site over and over again. It's about the chain of certificate trust.

Please read and learn more about the web PKI before making incorrect assumptions.

As stated, TLS only guarantees something about the connection indeed. Other CAs don't guarantee anything more than that either! This is not just Let's Encrypt..


Why do you have to remove those SCAMMER websites I listed if the domains certified by Let's Encrypt can be trusted? Your action speaks louder than your words.