alt Hacker NewsJumping in here since we’ve been seeing more mentions of ZeroSSL lately, likely related to the recent CA/B Forum discussions around 1‑year certificates and ACME automation.
- We’re based in Austria (ZeroSSL GmbH). The company was acquired by HID in 2024, which is part of Assa Abloy (Sweden).
- We’re not positioning ourselves as a purely EU-based CA substitute, and we generally don’t market it that way.
- For DV certs specifically, we act as a distributor. Under the hood these are Sectigo-issued certificates, similar to how other providers (for example Namecheap) operate.
Happy to clarify further if useful.
Replies
Sectigo used to be Comodo's CA business. If memory serves, that business was purchased by a US PE firm and renamed "Sectigo". Sectigo Inc.'s corporate headquarters is now in Scottsdale, AZ.
There's no reason to believe they're any less subject to US jurisdiction than LetsEncrypt.
Any plans on becoming an independent CA? Would certificates issued in your name also risk being affected by US sanctions trough sentigo?
> - We’re not positioning ourselves as a purely EU-based CA substitute, and we generally don’t market it that way.
OK, but in the context of this topic thr interesting part isn't your marketing but your jurisdiction.
Could you clarify which jurisdiction you operate under and a link on the ZeroSSL website that collaborates that?
Thank you <3