In the past we’ve purchased our SSL/TLS certificates from SSL.com and when we last renewed our main domain’s SSL certificate, we suddenly started getting charged $20/month for:
eSigner Cloud Signing for OV Code Signing Tier 1 Monthly
Whatever this service is, we didn’t sign up for it. And trying to get SSL.com to stop charging us and refunding us the money has been a nightmare over the past year. The UI on their site is so bad that I can’t find anything and I am constantly confused by all of the useless and cryptic information packed into every single unreadable page.
In the end, I resorted to contacting customer support, who on the surface seem nice and helpful, but really all they do is refer matters to “internal teams” who never actually resolve any issues. This is nothing more than stonewalling.
Eventually they acknowledged that we are due a refund for $200+. But they were unable to refund the money because the credit card used for the original transaction expired by the time SSL.com got its act together.
This entirely unforeseeable problem was, as you might guess, referred to an internal team. Where it has been sitting for the past year now. Any attempts to get this to move along have resulted in nothing more but:
“We’re sorry for the inconvenience, we’ve forwarded this to an internal team.”
Joy. I guess that $200 will never be recovered and I need to cut my losses dealing with evil corporations.
So, be warned: Do not do business with SSL.com and use the amazing Let’s Encrypt service instead! If by some miracle, we get our money back, I’ll donate it to Let’s Encrypt instead!
Ooh, Let’s Encrypt is a nonprofit!?
I had a quick sift through their annual report, and this application they’re working on looks really interesting as well: “‘Divvi Up is a system application owners can use to collect app users’ metrics while respecting their privacy.”
Sounds optimistic, but the quote they included makes me think they have a good grasp on the problem at hand! “”If data exists it’s a risk.” – Raphael Mimoun”
Something to keep tabs on, regardless.
They completely stole 300 or so dollars from me by double charging for wildcard SSLs that ended up not even working.
Then also an absolutely insane roundabout between my pay processor and their “internal team“, which proceeded to waste tons more of my time.
And ultimately get absolutely no relief by way of getting the product to work properly or getting my money back.
So to recap, double charged for one wildcard that did not even work in the end, and I had to re-install my hosts “free“ (not really, but meh) SSLs shortly after installing ssl.com wildcard anyway.
It had been a long time since I’ve been taken for a sucker to this extent. Definitely agree with this article do not use them.
We apologize for the incorrect charge & delayed resolution. While the refund request was outside our 30-day policy & to a different payment method, we processed it. We’re working to improve our auto-renewal process. Your satisfaction is our priority & we appreciate your patience.
Now mind you, the refund was for services we NEVER ORDERED, but got charged for anyway. You’ll have to try harder if you want to escape the EVIL label.
Yes we also got charged 34,90 per month for Healthy check service quite a long after we noticed it. DO NOT DO ANY BUSINESS WITH ssl.com. They secretly start invoicing your credit card with services you have not ordered.
Just chiming in as another ssl.com customer who’s been charged without permission. I ordered an SSL cert from them in 2022, which didn’t work for me and they refunded. In 2022.
In February 2025, they started charging me $34.99/mo without any notice and without my authorization. They simply used my billing information from 2022. This $34.99 also didn’t appear anywhere I could find on their site when I logged in. When I disputed the charge, they sent me an email about a payment failure and finally a link to an invoice for “SSL/TLS Health Check Monitoring,” which, needless to say, I never ordered and never would.
Avoid them.