Collaborate Disseminate
The ERR_CERT_DATE_INVALID error, I’m sure we’re all familiar with, is below
Visiting the same site from numerous other locations, web clients, etc shows a valid certificate.
It’s issued by let’s encrypt (cert-bot) and auto-renews. Thousan… Continue reading What could cause classic "ERR_CERT_DATE_INVALID" when I can confirm no error from numerous other clients?
this is my first post here in the area of security and encryption. I will try to be succinct, and let you know that I am not an expert in security.
Context: My client (visitor) has an X509 certificate installed on his machine, containing… Continue reading mTLS Client Authentication by Signing Arbitrary Message using Browser
I am getting the error below in trying to renew my certificate from the command line (and thus too from cron). From searching similar error reports, I understand that it means that I initially created a certificate manually and so cannot … Continue reading What does it mean to create a Let’s Encrypt certificate "automatically" rather than manually?
I’m setting up a website on a Centos7 VPS with certbot and let’s encrypt.
I am no expert on network security. I checked to see if my epel-release was pulling certbot from a legit mirror.
I ran yum search epel-release three times back-to-b… Continue reading Certbot installation from cloudfront.net epel-release mirror
I want to attach a valid ssl subdomain to my pfsense. I would check it (with warnings) via my the pfsense’s IP 192.168.11.1 .
I used multiple tutorials to come up with the following:
Bought a domain
Set the domain’s namespace to cloudflai… Continue reading pfsense subdomain timeout with error 522
For my personal use, I bought a domain for internal ssl validation for my pfsense. I was able to get the LetsEncrypt’s ACME script to successfully validate my domain and produce an ssl certificate for a subdomain. I setup my pfsense to use… Continue reading How does DNS-01 validation for LetsEncrypt know what the right IP address is?
A few days ago, Let’s Encrypt discovered that they misinterpreted RFC 5280, thus making every certificate they issued valid for one second longer than expected.
The associated issue on Mozilla bug tracker definitively looks serious, and so… Continue reading Let’s Encrypt certificate lifetime incident: is there any security risk?
A few days ago, Let’s Encrypt discovered that they misinterpreted RFC 5280, thus making every certificate they issued valid for one second longer than expected.
The associated issue on Mozilla bug tracker definitively looks serious, and so… Continue reading Let’s Encrypt certificate lifetime incident: is there any security risk?
A few days ago, Let’s Encrypt discovered that they misinterpreted RFC 5280, thus making every certificate they issued valid for one second longer than expected.
The associated issue on Mozilla bug tracker definitively looks serious, and so… Continue reading Let’s Encrypt certificate lifetime incident: is there any security risk?
Given the scenario that:
Victim rents VM1 from a cloud provider, and points his/her DNS record to that VM1’s IP address
Victim deletes VM1 and switches to a different cloud provider, and creates VM2 there, but forgets to modify the DNS re… Continue reading Verifying that no malicious certificate has been issued while a DNS record was pointing to an uncontrolled IP