Wolkensteine 1d ago

RE: https://mastodon.wolkenheim.eu/@Wolkensteine/116795057265112295

I'm now also working on a way to reliably integrate git-pages into my Home Lab. I am just missing an automated way of getting wildcard certificates from my local CA!

Since I don't know much of the technical details of ACME I decided that I wouldn't search for a ready-made tool to solve this problem, but build one myself, fully according to RFC8555.
I am not yet sold on making that open, since I will surely make some huge mistakes, but if others are interested in a tool to have DNS-01 challenges solved with a PiHole DNS provider I might open source the project when I am done with the basics and feel comfortable with it.

#coding #programming #rust #forgejo #gitpages #selfhosting #dns #acme #homelab #selfsignedcerts #certificateauthority

gyptazyJul 31, 2025

Am I really the only one who uses 24hrs long living certificates which get automatically renewed and signed by an own CA via ACME?

#ssl #tls #dane #acme #certificate #certificateauthority #ca

PrivacyDigestJul 3, 2025

Let's #Encrypt rolls out free IP address #certificates • The Register

Let's Encrypt, a #CertificateAuthority (CA) known for its free TLS/SSL certificates, has begun issuing digital certificates for IP addresses.

It's not the first CA to do so. #PositiveSSL , #Sectigo, and #GeoTrust all offer TLS/SSL certificates for use with IP addresses, at prices ranging from $40 to $90 or so annually. But Let's Encrypt does so at no cost.
#security #tls #ssl #privacy

https://www.theregister.com/2025/07/03/lets_encrypt_rolls_out_free/

Let's Encrypt rolls out free security certs for IP addresses

: You probably don't need one, but it's nice to have the option

The Register
Tobias ZeumerJun 25, 2025

Hm, do Firefox and Vivaldi really not accept my system-wide custom CA(s)? On Windows, at least Firefox works fine if you set “security.enterprise_roots.enabled” to true, but on Linux it doesn't seem to make any difference. While in Firefox I can at least import a custom CA, I can't find anything similar in Vivaldi. 🤔

#firefox #vivaldi #ca #linux #certificateAuthority

MITIM BlogJun 9, 2025
New post 💥
MikroTik has a simple interface for managing certificates, but lacks the ability to notify you when such cert expires. For this reason I created a simple script insipired by forum question and modified for my purpose.
https://www.mitim.net/2025/06/script-for-checking-certificate-expiration-date-on-mikrotik?g=5
#Networking #MikroTik #Script #CertificateAuthority #CertificateAuthority
The DefendOps DiariesJun 2, 2025

Google is shaking up web security by ditching certificates from Chunghwa Telecom and Netlock after repeated slip-ups. Could your website be at risk? Dive into the details!

https://thedefendopsdiaries.com/googles-strategic-move-to-enhance-web-security-by-distrusting-chunghwa-telecom-and-netlock-certificates/

#google
#websecurity
#certificateauthority
#chunghwatelecom
#netlock

Wizards AnonymousMay 27, 2025
Best talk I've seen on #Peergos so far https://www.youtube.com/watch?v=yDU4GHsEo34 #E2EE, no #DNS, no #CertificateAuthority, #privacy #security
Peergos: The Architecture of Privacy - Ian Preston

YouTube
MITIM BlogMay 18, 2025
New post 👀
This post focuses on HTTP/+s certificate creation with local certificate authority using MikroTik device and software which had to have additional configuration modified in order to accept the CA (e.g. Certificate Authority).
https://www.mitim.net/2025/05/certificate-authority-in-soho?g=5
#MikroTik #CertificateAuthority #Security #CyberSecurity
Certificate Authority in SOHO

This post focuses on HTTP/+s certificate creation with local certificate authority using MikroTik device and software which had to have additional configuration modified in order to accept the CA (e.g. Certificate Authority).

MITIM Blog
kgoetzApr 2, 2025
Planning to make #CertificateAuthority for our business. Opinions on #smallstep #certificates Vs #EasyRSA ?
Small step certificates
0%
easy rsa
0%
Poll ended at .
Max ResingFeb 4, 2025

Got the notification by #LetsEncrypt that they will sunset the #email #certificate expiration warning. Albeit, I am a fan of it, since I have not automated all of my certificates, I can understand their argument of complexity of a system.

Albeit, I don't get, how this service costs an organization tens of thousands of dollars a year, but I do understand that operating #mail servers yourself is something the modern #Internet discourages increasingly.

More on it, in their latest blog post.

#TLS #CertificateAuthority

Ending Support for Expiration Notification Emails

Since its inception, Let’s Encrypt has been sending expiration notification emails to subscribers that have provided an email address to us. We will be ending this service on June 4, 2025. The decision to end this service is the result of the following factors: Over the past 10 years more and more of our subscribers have been able to put reliable automation into place for certificate renewal. Providing expiration notification emails means that we have to retain millions of email addresses connected to issuance records.