I Was Wrong (again): Let’s Encrypt Works For Me, Thanks to A2Hosting!

As often happens, when I bitch and whine about something, I’m bloody wrong! I was wrong about being unable to use Let’s Encrypt. No, the folks at EFF didn’t fix anything. It turns out that my hosting provider, A2Hosting took care of it for me, before I asked!! Yay A2Hosting! I took another look through … Read moreI Was Wrong (again): Let’s Encrypt Works For Me, Thanks to A2Hosting!

Still Fighting (and Failing) with Let’s Encrypt

I’m still fighting with Let’s Encrypt.  Like a Mac, it’s so easy to use, I can’t figure it out! UPDATE: A2 Hosting had the answer the entire time! Oops! Here’s an outline of my latest failure: README.md says: python sign_csr.py –public-key user.pub domain.csr > signed.crt I used: python ~/tmp/test/letsencrypt-nosudo-master/sign_csr.py –file-based –public-key domain-redacted.pub domain-redacted.csr > domain-redacted.crt … Read moreStill Fighting (and Failing) with Let’s Encrypt

Let’s Encrypt Sounds Good, But I Found its Easier Way to be Impossible

About  a year ago, the Internet Security Research Group (ISRG) launched an effort now called Let’s Encrypt to provide free (no cost) SSL certificates for web servers. The EFF (and perhaps others) have launched a set of tools known as certbot that aim to make getting and installing SSL certificates painless. My experience getting and … Read moreLet’s Encrypt Sounds Good, But I Found its Easier Way to be Impossible

Getting Ready for 2016: SHA-2 (SHA256) Certificates and Apache

It seems Google has declared SHA-1 encryption insecure. Chrome now complains about sites using this protocol for secure (https) connections. From what I understand, certificates and servers should be upgraded before 2016 in order to be viewable by Chrome users. Once again, I turned to Qualys SSL Labs for help. Their SSL Server Test is … Read moreGetting Ready for 2016: SHA-2 (SHA256) Certificates and Apache

The POODLE bytes: Taming the Dog

Just yesterday, my supervisor forwarded me an email about the SSLv3 POODLE attack, and asked me if our servers were secured against this issue. I was forced to admit that I had never heard of POODLE, but that I’d do some research and get back to her. I Googled around a bit and found a … Read moreThe POODLE bytes: Taming the Dog