Today I used StartCom to issue a new ssl certificate and seen they have redesigned the website. Its not surprising really as with the announcement of Lets Encrypt most certificate authorities have had to up their game.

startcom new design

Although i'm a fan of Let's Encrypt and the good work they are doing to bring TLS all over the web there are some reasons I still prefer StartCom at this time. For example Lets Encrypt is only 3 month certificates where as StartCom is one year. StartCom verification process is just as secure as Let's Encrypt. You don't need any server software or scripts. Changing certificates on the fly is fine but swapping out once a year and not needing additional management tools is simpler and is less open to abuse. Many scripts don't set the private key to be owned and readable only by root for example.