View Full Version : Certificate

28-01-2011, 03:43 PM
Just heard from someone who was sent an invoice from their IT company to renew the cert on their SBS server...$5,000.


28-01-2011, 03:57 PM
Renew the certificate for what? As far as I'm aware, SBS is a one-off purchase (as are CALs), and there isn't any kind of subscription involved.

Are you sure they weren't purchasing another Windows Server version, rather than renewing their existing one?

28-01-2011, 04:12 PM
Is there a question here? Is there any more specific info? Could easily be a higher-end, longer-duration SSL certificate with extras for that price.

28-01-2011, 05:24 PM
That's a good point, it may not be SBS that they're paying for.

28-01-2011, 05:37 PM
Microsoft Software Assurance agreement or something like that perhaps?
Which isn't compulsary to renew AFAIK.

28-01-2011, 09:42 PM
or possibly a scam

29-01-2011, 09:58 AM
could be authentication certificate

31-01-2011, 07:41 AM
Sorry should have been more specific - was pi$$ed off and just posted a short message. Just an SSL cert that you can pick up for what... US$50 on godaddy?

31-01-2011, 08:37 AM
Seriously? They charged $5k for a bog-standard, normal, not special in any way SSL certificate with a standard expiry (one or two years)?

That's a pretty significant breach of trust, and possibly illegal.

31-01-2011, 09:14 AM
Yup - I was quite stunned. They *wanted* to charge $5k, luckily I saw the invoice and put a stop to it. I've advised the client to go to another IT provider based on that invioce, plus some other 'discrepancies'.

31-01-2011, 09:41 AM
To play DA, are you sure it was just a standard SSL cert? A multi-year cert with site/publisher authentication and multiple SANs could easily be close to $5k. In fact one of the certs we manage is provided by Verisign and for 3 servers with 4 SANs its something like $50k/2years.

31-01-2011, 09:48 AM
Totally sure. The client has 11 staff (!) all based on one office - the cert was for remote access so users didn't get the cert error message. They have a single SBS server, no SAN.
They have been spending about $5k a month (yes, unbelievable) on IT support and services from a single company, the client is a not-for-profit and it's sucking all the money they need to actually deliver the service they are supposed to be. Hopefully from this point on they will take my advice and move on to another provider.

31-01-2011, 10:33 AM
Yikes... not only does that merit switching providers ASAP, I'd also recommend they get their systems audited in case the previous contractor left any nasties behind (backdoor accounts / VPN access etc).

Don't tell the contractor they're fired until *after* you've had someone else lock them out of the system and made sure there aren't any sneaky ways for them to get back in.

This also warrants a lawsuit if they can be bothered with one... $5k/month for 11 staff & one SBS install is *way* out of line, unless they have some very unusual requirements.