Camera, contacts, advertising ID, Google Play billing all seem excessive for offline use, particularly when the aren’t needed for online use. Access to turn WiFi off/on may be needed to go offline via the app, but that also means it can turn on WiFi while offline.

Storage makes sense, given it needs to download the maps for offline use, but the permissions seem to imply full access to all storage.

I’m going off of the screenshot at https://organicmaps.app/

Pretty cool project I’d not heard of. Those offline gps nav permissions seem pretty excessive for a project claiming privacy focus.

The person isn’t talking about automating being difficult for a hosted website. They’re talking about a third party system that doesn’t give you an easy way to automate, just a web gui for uploading a cert. For example, our WAP interface or our on-premise ERP don’t offer a way to automate. Sure, we could probably create code to automate it and run the risk it breaks after a vendor update. It’s easier to pay for a 12 month cert and do it manually.