Where exactly is the fact that HTTPS is broken for custom domains publicized?
-
As you can see from my account details, I bought 2 premium blogs primarily for (as you say in your marketing copy) “get your own domain name, powerful customization options […]”
As far as I can tell, you know that custom domains are completely broken for HTTPS and you publicize this fact nowhere. Custom domains are unusable for Mac users, iPad users, and so on because of this.
I am considering reversing my credit card charges because this seems to me to be a clear-cut failure to deliver services purchased on your part.
Where exactly does it say “Safari and Chrome users cannot use your custom site without a certificate error, and you have no ability to disable HTTPS”?
Thanks,
Ecquid
The blog I need help with is: (visible only to logged in users)
-
Hi Ecquid,
Please don’t reverse the charges on your credit card — if you’re not happy with the upgrades you purchased, I can cancel and fully refund those for you or you can do that directly from you My Upgrades page.
To access your site without a certificate error, please be sure to use the HTTP version of your site’s URL: http://ecquid.com/
As mentioned on our HTTPS support page, SSL certificates need to be signed to a specific domain, and we can’t provide certificates for every mapped domain, so our certificate is signed for WordPress.com. That may result in browser warnings if you access your custom domain at https://ecquid.com/ instead of the HTTP version at http://ecquid.com/ .
I’m very sorry that this wasn’t communicated more clearly before you upgraded your blogs. Please let me know if you’d like to cancel those upgrades for a refund.
-
This is just the usual song and dance.
You cannot claim in good faith that lack of HTTPS support in this day and age should be relegated to a support forum link. The fact of the matter is that your marketing copy is dishonest. You make allusions to full domain support, misleading consumers (such as myself), then you hide behind a support page buried deep in a forum.
Also, so much for your vaunted “powerful customization options”. Where I sit, “powerful customization options” include simply opting out of HTTPS altogether, since that is preferable to delivering certificate errors!
Has support staff been trained to follow the mantra of “we can’t provide certificates for every mapped domain”? Here’s a hint: you control the DNS (we transfer it to you), you control the web servers, and you __CAN__ support this configuration, you just choose not to. More particularly, your engineers and management choose not to.
But let’s make no mistake here– although you (as a company) can do it, but you’d rather mislead consumers to make a quick buck. It’s a shame; otherwise your service is pretty good.
I will sleep on it, but I still may issue a chargeback simply because of your lack of honesty. You could be honest, but you are not.
-
Let me be even more explicit: SNI (Server Name Indication) is an IETF standard since 2003, it is supported by every modern browser above 1% market share, and it solves this exact problem.
You could simply put in an interface where I can upload my SSL certificate, and then serve it when a matching server name comes along.
That you don’t do this is simply negligence. Honestly, how can you run what is essentially a CDN and not have this rolled out 5 years ago?
Do you have any plans to actually roll this out, or should I just look elsewhere? Don’t bother with the “I’m very sorry” routine, just give me the future engineering plans.
-
Hi Ecquid,
Our team is working on bringing full HTTPS support to all WordPress.com sites (including sites custom domains) — we’re hoping to roll it out to everyone this year, but it’s still being worked on and so there isn’t a definite timeline for when it will available on custom domains.
If there’s anything more I can do, please let me know.
-
Can you please escalate this? I need to know the plan or I need to jump ship.
From a forum search (which is oddly non-https?), I’m not alone. Engineering management needs to issue some guidance.
Ecquid
-
Hi, I’m checking with our team to see if I can get any additional details and will let you know as soon as I hear back about that.
-
Hi, I heard back from our developers who are working on this. We hope to have HTTPS support for all WordPress.com users this year, but no other details are available at this point.
If that’s not sufficient and you need to move your sites, I’d be happy to help you cancel your current upgrades for a full refund and export your sites so you can make a smooth transition to another host that meets your needs. Just let me know.
- The topic ‘Where exactly is the fact that HTTPS is broken for custom domains publicized?’ is closed to new replies.
WordPress.com Forums 