Tacos Digest ... security issue

Rob Seastrom rs at seastrom.com
Wed Jul 27 21:25:29 CDT 2016 

Here in the future, it's no longer necessary to run private-CA or self-signed certs and give your users browser errors.  There are free certs available (yes, even SAN...) for the price of a little bit of typing and cron manipulation, that trace back to root CAs that are in your browser's trust store.  See https://letsencrypt.org

If you've like me and have already got a workflow established around manually handling x.509 certs rather than wanting a does-it-all-for-you plugin, I can wholeheartedly recommend https://github.com/diafygi/acme-tiny

I have some scripts wrapped around acme-tiny that writes the req file based on a simple config file (plain CN or SAN), and then invokes acme-tiny and writes output files with the intermediate certs stacked in there for nginx and friends...  happy to share (yeah, I know I should just put them on github).

-r


> On Jul 26, 2016, at 11:23 AM, Mark Whittington <markwhi at gmail.com> wrote:
> 
> https://lists.amrad.org/ has a certificate signed by atanasoff.rf.org, which your browser does not recognize as a trusted Certificate Authority. It's also a SHA-1 certificate with an expiration date in 2024, which will cause some browsers (Chrome at least) to reject it as well.
> 
> I suspect Richard didn't see that because he clicked the link in the original mail for lists.amrad.org, which takes you to the non-SSL http://lists.amrad.org.
> 
> It's almost certainly not an issue, unless the person running the list server replies and says that it is.  If the warning bothers you just go to the non-SSL URL above.
> 
> On Tue, Jul 26, 2016 at 11:11 AM, Richard O'Neill <richardoneill at earthlink.net> wrote:
> 
>  Looks good when I go to that site. Try it again.
> 
> On 7/26/2016 10:53 AM, Ted Maas wrote:
> Does anyone else get this message from Firefox when they go to lists.amrad.org?
> 
> 
> Your connection is not secure
> 
> The owner of lists.amrad.org has configured their website improperly. 
> 
> _______________________________________________
> Tacos mailing list
> Tacos at amrad.org
> https://lists.amrad.org/mailman/listinfo/tacos
> 
> _______________________________________________
> Tacos mailing list
> Tacos at amrad.org
> https://lists.amrad.org/mailman/listinfo/tacos

More information about the Tacos mailing list