Collaborate Disseminate
From GoDaddy’s Renewing my SSL Certificate docs (emphasis mine):
If you’re using a Domain Validation (DV) certificate with the primary domain for your account, and you’ve set the certificate to auto-renew, no further action is needed on y… Continue reading How does automatic SSL certificate renewal work without having access to the private key?
I’m learning how to test HTTPS locally and found that articles written before ca. 2019 (e.g., 1, 2, 3) contain only a few steps, whereas later posts (e.g., 4, 5, 6, 7, 8, 9) always make sure that v3 extensions are also configured.
Why is t… Continue reading Why is a v3 extension needed for a X.509 certificate to be used to test HTTPS on localhost?
I just learned that, for whatever reason, domain names can get resolved to the wrong IP address, therefore requests can hit the wrong servers. (Just some examples of erroneous domain resolutions from Server Fault: 1, 2, 3.)
Now, if this sc… Continue reading Where would an HTTPS request fail if the domain erroneously resolves to the wrong IP address? [duplicate]
This freeCodeCamp article recommends
setting up a CA server,
installing the CA root certificate file into the system’s trust store, and
generating a leaf certificate for the project’s web server.
Based on my understanding of the TLS hand… Continue reading Is setting up a CA server necessary when all I want is to test HTTPS for a web project on localhost?
First of all, is my understanding correct that primary keys and subkeys are all key pairs consisting of a private and a public key?
I get the rationale behind using primary keys and subkeys1, and why one should keep the private primary key… Continue reading How securely should one treat their primary public key?