EV certs on the web are essentially a scam, and offer no additional security over DV or OV certs. A free cert from Let’s Encrypt, a no-cost Cloudflare Universal Cert and a $1,000 per year EV cert offer the same level of security!
Cloudflare offer Universal Certs at no cost to all plans, and they are configured and managed automatically. They cover the root domain, and one level of subdomain (so example.com and *.example.com). If you need a greater level of subdomain on your account, Cloudflare offer Advanced Certificate Manager (ACM), which enables you to create multiple levels of subdomain, at $10 per month.
Custom certificates are generally not needed, and are only available on the higher tiers of Cloudflare plans. Do you have particular requirements that mean you MUST use a Custom Certificate?
It’s rather infuriating that a post that could be used to discuss something many of us would agree with, was made with such a bad attitude.
Having an EV implies you own a business, using headers such as True-Client-IP Header implies you might be running an enterprise or major corporation. It makes sense to require those clients to contribute with an amount they mostly can afford to pay, and if not, there are plenty of Cloudflare competitors I’m sure will make you realize how much Cloudflare gives for so little.
I thought it was a valid question. Why can’t any user upload its own SSL certificate? Why it need a business plan to start having own certificate?
I understand high earning business needs to pay more. But having own SSL Certificate doesn’t means it is a very high paying business. There may be some other requirement which need own SSL certificate rather than using cloudflare universal/paid certificate.
As with all features at Cloudflare, they’re on various plans as a business decision. They don’t want to cannibalize Business Plan features just because they can bump it down to a plan where it’s not as natural of a fit.
This always makes me think of Tesla: Their autopilot hardware is already built in to the car, but enabling it through software is a $4,000 option. You’d think it’s an outrage…except R&D is really expensive and needs to be covered through sales. Yet it’s cheaper to install it in every car than it is to custom-build on the assembly line, or retrofit it later. And it’s a dirt-cheap upgrade if an owner decides later they want it. As a business decision, it totally makes sense.
You’re correct. MVPs are customers. Some on free plans only. Some whose Businesses pay for Pro, Business, and Enterprise level plans and understand the pros and cons of business decisions.
The kind of money that they’d lose when potential Business level plans buyers can’t understand why they need to pay $200 for that one valuable feature because Cloudflare bumped every other Business Plan feature down to Pro and Free plans.
Congratulations. That’s you, and you’re costing Cloudflare $200/month.
However the answer is equally simple and straightforward, because of which the question itself is a bit pointless. It simply is a business decision just like your local supermarket is selling milk for X and not Y.
Plus, there is a perfectly fine certificate provided anyhow, so the whole question is moot in the first place.
Yes, MVPs are regular users. Because of that they are not allowed to voice their opinion and are obliged to jump on the free-beer bandwagon too?
Sure, $200 is not a small amount but Cloudflare can set their pricing to whatever they want. If people don’t like it, they simply walk away. Secondly, there’s not even a need for that feature as a perfectly fine certificate is issued by default and for free. So what exactly are we discussing here?
Shaming the company and accusing it of theft (someone did not look up that word’s definition) is just plain ridiculous.
ARGO is a service which double charge the user thats stealing.
It optimize path between server and edge location. and charges for that and charges for edge to user as well for which user is already paying… thats stealing.