So we recently had a customer whose SSL certificate needed renewing.
I went through the usual process on the server to generate a CSR and purchased a UCC domain name from the GoDaddy website.
Unfortunately this customer isn’t currently in control of their domain name (and so the WHOIS record lists an inaccessible email account) but I as I have control of the web server, I knew I could use the option to upload a HTML provided by GoDaddy to the root folder of the website that the domain points to.
This is specifically listed as an option on the GoDaddy website:
When requesting an SSL certificate, we might require you verify that you control the URL for which you’re requesting the certificate. To do this, we provide you one of two options:
Method How it works HTML Page Upload an HTML page with content we specify to the highest-level directory of the website for the common name you’re using DNS Record Create a TXT record we specify in your domain name’s zone (DNS) file
Unfortunately – for some unknown reason – GoDaddy have removed all reference to the alternative verification methods listed above from the SSL certificate management interface during a recent update.
GoDaddy Support: The Pain Begins
So as GoDaddy no longer has a support ticket option and the chat feature has quite literally never been available, it meant – sigh – a phone call to them. I’m immediately told that they are experiencing an unusually high volume of calls. Given that they are always experiencing a high volume of calls, I’m not sure they can say ‘unusually’ – I think they should just be honest and say ‘we don’t want to hire more staff’. I am then told I will need to wait for 24 minutes.
I finally get through and explain the situation to the tech support agent. He goes away and thinks – not very hard obviously – and comes back to tell me an email has been sent to the email address listed in the WHOIS. I remind him that the reason I was calling is because we don’t have access to that email address and I want to use the HTML upload verification option the details about this are no longer visible.
He puts me on hold for an eternity.
He comes back to tell me he is on hold with ‘that department’ and waits expectantly for my answer. When I say OK, he seems almost disappointed.
Another eternity later – I’ve now been on the call for 46 minutes – he comes back to tell me
“Ok sir, that departments not answering”
I ask if I can continue hold and he says that they are not there any longer, I ask where they’ve gone and he says he doesn’t know.
He then tells me that they told him the verification code has been sent to five other email addresses – he can’t tell me what they are. Given that all the email addresses on the WHOIS for this domain name are
I’m then told my only option is to call back in an hour. Brilliant.
Alternative Verification
Surely the idea of an alternative verification system for SSL certificates is to offer, erm, an alternative means of verification? It seems that while I can still use the file upload verification method, the code I need to put in the file is also sent to the WHOIS email address(es).
This renders the whole process completely pointless as an alternative because if I had access to that email address, I wouldn’t need to use the alternative method in the first place would I?
I completely agree. They really nerfed the entire process. I swear I hate dealing with GoDaddy’s site now. There is absolutely no way of using the HTML file anymore. They must have geniuses working for them…