My frustration with these offerings is that they tend to only service public-facing HTTPS servers. There are a lot of use cases where valid certificates come into play, and a lot of them aren't facing the public internet or serving HTTP traffic.