No announcement yet.

Disappointed in 3dcart's tech support in a big way...

  • Filter
  • Time
  • Show
Clear All
new posts

  • Disappointed in 3dcart's tech support in a big way...

    I help maintain a website for a client who uses 3dcart. We've been with 3dcart since 2015 and have been very pleased with the platform until what happened in December, which came as a big disappointment. My client's sales had been on a downward trend since November, when normally they are very strong for the holidays, and he contacted me to look into the issue. When I tried logging in to the admin page, I received an error related to the Symantec distrust issue. We had renewed our SSL certificate in July of 2018. I opened a ticket with 3dcart and also contacted Geotrust. Geotrust found that the SSL certificate from July hadn't been properly installed, nor had the reissued certificate from August, and that our site was using a certificate from March of 2017!! Clicking on the seal showed the renewed dates, so it was not obvious that anything had gone wrong. What's more, Geotrust said that either certificate from 2018 would have passed the trust test. I contacted 3dcart's tech number with this information, and they would not admit to any error on their part and certainly did not apologize. All that the tech guy said was "everyone had to deal with the distrust issue." Well, guess what? If they had performed their job installing the SSL certificate correctly in the first place, it wouldn't have *been* an issue! While it's certainly at least in part our responsibility to make sure our site is working, I feel like we paid for something (ie, a renewed SSL certificate) that we did not receive for an entire year at a time when it was crucial. I asked the tech guy to make sure a manager called my client, but this did not happen. Unacceptable customer service, and it has left us with a very negative attitude towards what we once thought was a great company.
    Attached Files

  • #2
    ValS There was a support ticket regarding this and the issue was an update to the google chrome browser. There was an article provided in the ticket also explaining this:

    We asked after reissuing the cert that you let us know if the site still displayed unsecured. Reason being is that we didn't get the message when viewing the sites so we had no choice but to wait on the merchants confirmation. I see we had to reissue the cert twice, once on 12/14/18 and again on 12/17/18. After the second time we didn't get any response reporting issues with the site. Many merchant were affected by this and we followed the same steps to resolve the issue.


    • #3
      William, my point is that if you guys had installed the certificate correctly BACK IN JULY 2018 WHEN IT RENEWED, we wouldn't have had the security problem/warning that WAS FINALLY RESOLVED IN DECEMBER after customers had been experiencing issues for who knows how long from November to December (per the conversation with the geotrust employee...please read my previous post's attachment carefully if you did not already). Yes, you guys resolved the problem on December 17th. But THE PROBLEM WAS YOUR CREATION STARTING IN JULY and you guys are missing this point. Please see the attached screen shot from the link you sent me. It shows that digi-cert certificates would be issued in December 2017 that would not have the distrust issue. Yet my renewal certificate in JULY 2018 WAS NOT INSTALLED CORRECTLY TO MY SITE. The geotrust employee said, and I quote, "Hmm.. the cert on [] dates back to March 2017 so these people have not been updating your certificate"
      Attached Files


      • #4
        ValS The certificate was installed properly back in July, but due to the reasons explained in the article provided it had to be reissued. This was also mentioned in the chat with Geotrust provided in that ticket.

        He stated," Maybe they did install it, but if you don't bind a cert to a site, it won't be used and will just sit there for nothing...8:35:09 AM

        and I think that is what is happening here8:35:22 AM

        On their side it would look as if we didn't install it properly but if that was the case we wouldn't have seen it secured when testing. Our support agent explained this in the ticket also when he stated:

        Happy Friday and I hope your day is going well. I see that your SSL Issued by GeoTrust SHA256 SSL CA and is Valid from 3/13/2017 to 5/13/2019. Please see screenshot to support this.

        However, if you're on Google Chrome, for some reason it shows your site not secure. But, if you try it from any other browser like IE or Firefox you will see that it is secure. Please see screenshot to support this.

        You responded with the article agreeing:

        The problem is occurring intermittently with Firefox too. I believe my SSL certificate will require re-issuance, according to this article:

        'All SSL/TLS certificates issued from the Symantec infrastructure (before December 1, 2017) will require re-issuance to ensure continuity for your customers. This includes all brands in the Symantec family - Symantec. Thawte, GeoTrust and RapidSSL. It is strongly advised to reissue certificates as soon as possible to avoid risk or delays. '


        As you stated the issue was with firefox as well as chrome, both are products from the same company that's why both were affected.


        • #5
          If 3dcart had installed the certificate correctly back in July, as you claim, the date shown on the seal as the "valid from" starting point date would have been July 2018, NOT 3/13/17 as your screenshot shows (my seal now shows this date as August 2018, representing the latest re-issued certificate). What I mentioned in the support ticket was based on my admittedly limited knowledge before speaking with the geotrust tech. I didn't know that certificates issued after December 1, 2017 were issued from DigiCert and therefore would have passed the trust test. I also didn't realize that my certificate had ALREADY been reissued in August but not the geotrust tech himself said...EITHER CERTIFICATE FROM 2018 IF PROPERLY INSTALLED WOULD HAVE BEEN PASSED THE TRUST TEST
          Last edited by ValS; 01-09-2019, 06:01 PM.


          • #6

            Message body


            Thanks for the email. Any certificate issued or reissued after Dec. 1, 2017 would have been issued through DigiCert's validation system and issued using a certificate chain trusted by Chrome. Your July renewal would have certainly been valid for Chrome. In fact I pulled up the raw certificate data from our backend system and both the July and August reissues you referred to were issued off of the same trusted certificate chains. Without casting any blame, it is definitely possible that there could have been confusion by the party installing the cert, and either the wrong certificate was installed or installed incorrectly, they may not have been provided with the correct certificate, or they may have read a false report/rumor that mentioned they needed to reissue again, etc. It's hard to say exactly what the case could have been.

            What I can say is that either one of the certs you issued in 2018 will be fine along with any future certs you may issue using GeoTrust or any of DigiCert's affiliate brands.

            Let us know if you have any further questions. Have a nice day!

            GeoTrust Support

            If we've delivered 5-star customer service, we'd love to hear your DigiCert Experience.
            You can also share your feedback by e-mailing my manager directly at: [email protected].