Collaborate Disseminate
The Let’s Encrypt upcoming features page lists the following:
Multi-Perspective Validation
Currently Let’s Encrypt validates from a single network perspective.
We are planning to start validating from multiple netw… Continue reading What is Multi-Perspective Validation?
I understand the principle of HSTS, and the fact that the choice of max-age limits how long a visitor could potentially be locked out if the site somehow lost its certificate and had to go back to HTTP-only for a while. When … Continue reading Should the Strict-Transport-Security max-age be tied to the duration of the certificate?
I am running a windows server and am trying to figure out how I am going to add a certificate to my site (that isn’t self-signed) and I was wondering if anybody had tried using the Linux Subsystem in windows to do this.
I have an issue after Let’s Encrypt Wildcard Certificate installation, maybe somebody can help me.
I have installed a Wildcard certificate generated by sslforfree.com at cPanel.
The domain is fluidpower.pro and at the hosti… Continue reading Let’s Encrypt Wildcard SSL certificate doesn’t match domain name [on hold]
I have an e-commerce site host name (example.com) and want to install an Extended Validation TLS certificate for it.
But I use a cookieless static content served from another host name (static.example.com) for images of the … Continue reading Let’s Encrypt and EV certificates for different hosts in the same domain
The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.
This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers. Continue reading A Deep Dive on the Recent Widespread DNS Hijacking Attacks
Let’s Encrypt is based in the United States and subject to the laws of the United States, including National Security Letters. What are the implications for foreign sites that use Let’s Encrypt?
Here’s what I have come up wi… Continue reading Let’s Encrypt is based in the US and subject to US laws
Edit: Would deleting the www.hungry.example.org DNS record be a good solution if there are no links to it?
I have a domain (example.org) and a subdomain (hungry.example.org). Until recently they had separate SSL Certificates… Continue reading Workaround for no www.subdomain.domain coverage on wildcard cert
I have a setup in docker where I have LetsEncrypt ACME Boulder + CertBot + DNSMASQ as a DNS Server. Additionally I have a client and a service where the service is served over https only.
I had first self signed a certifica… Continue reading Lets Encrypt + Cert Bot: Setting up known Certificate Authority
I have a VPS server under Ubuntu 17.10, and I have 2 domains, I have created a successful SSL certificate for the first domain 2 months ago,
Today I tried to install lets encrypt domain for the 2nd one, with
certbot –authe… Continue reading Lets encrypt ERR_CERTIFICATE_TRANSPARENCY_REQUIRED on chrome 68.0.3440.106 [migrated]