ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. Tags
    3. ssl certificates
    Log in to post
    • All categories
    • dbeato

      Gmail issue adding external email account to send.
      IT Discussion • gmail google tls ssl certificates smtp exim4 exim • • dbeato

      1
      1
      Votes
      1
      Posts
      587
      Views

      No one has replied

    • Pete.S

      Where can I learn more about SSL certs?
      IT Discussion • ssl certificates certificate authority • • Pete.S

      12
      2
      Votes
      12
      Posts
      233
      Views

      Pete.S

      @black3dynamite said in Where can I learn more about SSL certs?:

      This is 5-part article about setting up your CA is pretty good.
      https://devcentral.f5.com/s/articles/building-an-openssl-certificate-authority-introduction-and-design-considerations-for-elliptical-curves-27720

      Blog posts on Altaro.
      https://www.altaro.com/hyper-v/public-key-infrastructure/
      https://www.altaro.com/hyper-v/wsl-offline-root-certificate-authority-windows-pki/
      https://www.altaro.com/hyper-v/windows-ssl-certificate-templates/
      https://www.altaro.com/hyper-v/request-ssl-windows-certificate-server/
      https://www.altaro.com/hyper-v/view-revoke-manually-approve-certificates/

      Thanks! I've started to read the info.

    • WLS-ITGuy

      Let's Encrypt Windows Server
      IT Discussion • lets encrypt windows server 2016 ssl certificates • • WLS-ITGuy

      20
      1
      Votes
      20
      Posts
      446
      Views

      WLS-ITGuy

      @scottalanmiller said in Let's Encrypt Windows Server:

      @WLS-ITGuy said in Let's Encrypt Windows Server:

      @JaredBusch you don't have any issues with agents checking in or pushing out updates with the RP?

      What would be the concern?

      Curious more than anything.

    • dbeato

      Exchange 2016 Let's Encrypt Setup
      IT Discussion • lets encrypt microsoft exchange ssl certificates exchange 2016 win-acme • • dbeato

      28
      1
      Votes
      28
      Posts
      9366
      Views

      JaredBusch

      EMC shows it is assigned to all services and the schedule task is there.

      Calling this a win.

    • bbigford

      Namecheap site - cert expired
      IT Discussion • ssl certificates namecheap • • bbigford

      14
      4
      Votes
      14
      Posts
      580
      Views

      Obsolesce

      I just got a 2 year cert from NameCheap the other week. No issues at all anywhere, didn't even notice that cert was expired.

    • scottalanmiller

      Get Wildcard SSL Certs for IIS on Windows with LetsEncrypt
      IT Discussion • ssl ssl certificates lets encrypt iis windows windows server acme ssl wildcard • • scottalanmiller

      19
      5
      Votes
      19
      Posts
      12711
      Views

      scottalanmiller

      @phlipelder said in Get Wildcard SSL Certs for IIS on Windows with LetsEncrypt:

      @scottalanmiller said in Get Wildcard SSL Certs for IIS on Windows with LetsEncrypt:

      @phlipelder said in Get Wildcard SSL Certs for IIS on Windows with LetsEncrypt:

      @scottalanmiller said in Get Wildcard SSL Certs for IIS on Windows with LetsEncrypt:

      @phlipelder said in Get Wildcard SSL Certs for IIS on Windows with LetsEncrypt:

      @jaredbusch said in Get Wildcard SSL Certs for IIS on Windows with LetsEncrypt:

      @scottalanmiller my problem with Certs on Windows, in general, is that you almost always have to copy it around to multiple servers to make everything work well, and that jsut defeats the purpose of LE.

      Based on what is on the site, Microsoft has an intrinsic trust with LE's root store. I should be able to set up a RD Session Host with a LE certificate for publishing and there should be no untrusted publisher for RemoteApps or Session Host desktops once the certificate's thumbprint is published via Group Policy?

      One would hope that they would. LE is like the standard in SSL Certs. It's from the EFF, way more trustworthy than other cert authorities, IMHO.

      Snag: Valid for 90 days. In larger RDS farm settings this would be a bear to manage. That means the need for an automated process.

      It is expected to be automated. SSL Cert updates should not be intrusive. All of the tools for LE SSL Certs are designed around the idea that you will automate them and never need to worry about them again. It's about being less of a snag, not more of one.

      Got it thanks. Looks like a bit of a learning curve then. πŸ™‚

      It's not bad. I find learning the LE pieces easier than learning to do it the old fashioned way πŸ™‚ And with LE it is "learn once and ignore", rather than "learn once, forget, do again in a year or two all over again."

    • hobbit666

      Wild Card SSL - Unifi/UNMS
      IT Discussion • unifi controller unms ssl certificates • • hobbit666

      8
      2
      Votes
      8
      Posts
      2088
      Views

      hobbit666

      @dbeato @JaredBusch thanks for the info. If I get time might give it a go over the weekend. Otherwise job for Monday morning

    • wrx7m

      Resolved-Exchange 2010 - UCC SSL Cert Renewal WTF
      IT Discussion • exchange 2010 ssl ssl certificates ucc req • • wrx7m

      12
      1
      Votes
      12
      Posts
      1674
      Views

      T

      I had the same problem:

      Microsoft includes a command-line utility with Certificate Services called certutil. This utility performs various operations on certificate files, including converting them to and from base64 format.

      Note that this command is run on your certificate server, which, in your environment, may be different from your Exchange server. If so, you need to copy the binary .req file to the certificate server, or make it accessible via a shared network folder or removable storage device.

      Open a command prompt on the certificate server and navigate to the folder where your binary .req file is, then type the following command:

      certutil -encode yourbinaryinputfile yourasciioutputfile

      Example:
      certutil -encode der.exchange.example.com.req pem.exchange.example.com.req
      You can then open the output file in Notepad and confirm that it is in the correct format to upload to your certifying authority.

    • brianlittlejohn

      Solved Certbot Apache plugin broken in Fedora 26
      IT Discussion • lets encrypt certbot apache fredora linux fedora 26 ssl ssl certificates tls • • brianlittlejohn

      20
      2
      Votes
      20
      Posts
      3948
      Views

      JaredBusch

      @zachary715 said in Certbot Apache plugin broken in Fedora 26:

      @scottalanmiller said in Certbot Apache plugin broken in Fedora 26:

      I ran into this issue, forgot about this thread, went through LetsEncrypt's threads and their solution for this problem led me... here! Very nice.

      Just did the exact same thing. Let'sEncrypt forum had the link which led me here right about the time @JaredBusch was responding in my other thread.

      It has been posted on here more than one time. I should probably find one of those posts and make @scottalanmiller tag it appropriately.

      Edit: Or too slow..

    • Obsolesce

      IIS and LetsEncrypt
      IT Discussion • iis lets encrypt ssl certificates ssl • • Obsolesce

      3
      1
      Votes
      3
      Posts
      1384
      Views

      Obsolesce

      @NashBrydges Oh this is awesome! Gonna be giving that a go on Monday or Tuesday.

    • Ambarishrh

      14,766 Let's Encrypt SSL Certificates Issued to PayPal Phishing Sites
      IT Discussion • lets encrypt ssl certificates phishing • • Ambarishrh

      7
      1
      Votes
      7
      Posts
      1108
      Views

      JaredBusch

      There is a blacklist that all CA's have on high dollar domain names to prevent major fraud. LE cannot issue for something.microsoft.com or something.bestbuy.com for example.

      But the sub domain names used in these PayPal examples are all outside of that. They are all on valid (ish) TLD.

    • AdamF

      FreePBX, SelfSigned Certs, & Let's Encrypt
      IT Discussion • ssl certificates ssl lets encrypt freepbx • • AdamF

      18
      1
      Votes
      18
      Posts
      6387
      Views

      scottalanmiller

      Yeah, that's a really awesome feature.

    • Ambarishrh

      Let's Encrypt is now used around 4.86%
      News • ssl ssl certificates lets encrypt • • Ambarishrh

      14
      1
      Votes
      14
      Posts
      2637
      Views

      JaredBusch

      @scottalanmiller said in Let's Encrypt is now used around 4.86%:

      Yeah, probably a lot less than a year before LE rules the roost. Maybe four more months? In a year it will have significant dominance, I am guessing.

      More likely about this time next year because they did not come out of beta until March

    • JaredBusch

      Camp image proxy to prevent mixed content warnings
      Platform and Category Issues • ssl certificates ssl images mixed content • • JaredBusch

      1
      0
      Votes
      1
      Posts
      811
      Views

      No one has replied

    • JaredBusch

      Websockets and Cloudflare
      Platform and Category Issues • nodebb websocket cloudflare ssl certificates ssl • • JaredBusch

      2
      0
      Votes
      2
      Posts
      1119
      Views

      scottalanmiller

      @JaredBusch said:

      Here you go @scottalanmiller. Add a sub domain to handle the Websockets.

      https://community.nodebb.org/topic/7930/using-cloudflare-with-nodebb

      Thanks. That's been mentioned a few times over there but a how-to has been missing and when I'd asked about it the topics all went silent. Will look into this.

    • JaredBusch

      Setting up LetsEncrypt on a CentOS 7 NginX proxy
      IT Discussion • lets encrypt centos 7 nginx proxy ssl ssl certificates encryption how to real instructions • • JaredBusch

      13
      7
      Votes
      13
      Posts
      9665
      Views

      JaredBusch

      @travisdh1 said in Setting up LetsEncrypt on a CentOS 7 NginX proxy:

      @JaredBusch said in Setting up LetsEncrypt on a CentOS 7 NginX proxy:

      @aaronstuder said in Setting up LetsEncrypt on a CentOS 7 NginX proxy:

      Any updates to this?

      Use Certbot never this method. keep your life simpler.

      Yeah. If the old way is working, that should keep working. However, certbot is easier to use.

      When my system came up for renew after certbot was out, I installed certbot and renewed that way. everything is in the same pace. nothing had to be changed in the config files.

    • JaredBusch

      Let’s Encrypt will enter Public Beta on December 3, 2015
      IT Discussion • lets encrypt ssl certificates encryption • • JaredBusch

      6
      3
      Votes
      6
      Posts
      1539
      Views

      BRRABill

      @MattSpeller

      Thanks for the writeup for us noobs.

    • JaredBusch

      Need a SSL with 4 Subject Alternate Names
      IT Discussion • ssl ssl certificates godaddy • • JaredBusch

      14
      1
      Votes
      14
      Posts
      2762
      Views

      stacksofplates

      @Dashrender said:

      @JaredBusch said:

      @Dashrender said:

      Does Let's Encrypt give SAN certs? I was under the impression that it's for single one off type situations where people don't have the cash to purchase their own cert, most likely being used by someone self hosting (or single site/server hosting).

      If it is free, there is no reason not to get 4 or 5 certs instead of a SAN for most things.

      Stupid question time (cause I don't know) can you install multiple certs on the same server?

      I don't know about apache, but with NGINX each virtual host can have it's own.

    • mlnews

      John McAfee is Back and is Selling SSL Certs
      News • ssl certificates • • mlnews

      1
      1
      Votes
      1
      Posts
      580
      Views

      No one has replied

    • A

      Where do you buy your SSL certs from?
      IT Discussion • ssl ssl certificates godaddy comodo verisign • • Alex Sage

      10
      1
      Votes
      10
      Posts
      3173
      Views

      Ambarishrh

      We get from rapidssl https://www.rapidssl.com/ (single domain- $49, wild card $199) or network solutions