Verifying that no malicious certificate has been issued while a DNS record was pointing to an uncontrolled IP

Given the scenario that:

Victim rents VM1 from a cloud provider, and points his/her DNS record to that VM1’s IP address
Victim deletes VM1 and switches to a different cloud provider, and creates VM2 there, but forgets to modify the DNS re…

Let’s Encrypt Will Stop Working For Older Android Devices

Let’s Encrypt was founded in 2012, going public in 2014, with the aim to improve security on the web. The goal was to be achieved by providing free, automated access to SSL and TLS certificates that would allow websites to make the switch over to HTTPS without having to spend …

Do I need to associate my backend API server with a domain name to get an SSL certificate for it (HTTPS)?

I have developed my DRF back-end API locally, deployed it on an AWS Lightsail instance (with a public static IP) and I now want to secure it with HTTPS.
I understand that in order to use Let’s Encrypt (and not pay for an SSL certificate), …

Why letsencrypt certificate generation not done like domain verification done by GSuite? [closed]

I have used letsencrypt’s certbot for creating certs for my domains. I have to download certbot and run in my machine and it gives a string to be placed in as dns record. I have to manually add the dns record. Then the certbot will verify …

Public key stored in server is different from what is shown in OpenSSL

I obtained an SSL certificate from LetsEncrypt for my web application using Apache web server. LetsEncrypt generated these 4 files:
cert.pem chain.pem fullchain.pem privkey.pem

As I understand, cert.pem is the public key. Now I tried t…

What stops a malicious DNS subdomain provider from impersonating my website?

First, some background: The DNS-01 verification method of Let’s Encrypt requires you to add a TXT record to a special subdomain of your domain name to prove your identity. With ACMEv2, this can allow you to get a wildcard certificate, which w…