Mastodon

8 posts7 participants3 posts today

MatthiasGibt es bereits jemanden, der <a href="https://www.buypass.com/products/tls-ssl-certificates/go-ssl" rel="nofollow noopener noreferrer" target="_blank">buypass.com</a> statt Let's Encrypt auf einem Server betreibt?Bei <a href="https://www.buypass.com" rel="nofollow noopener noreferrer" target="_blank">buypass.com</a> handelt es sich um ein Norwegisches Unternehmen aus Oslo, mit deren kostenlosen SSL Zertifikate Server abgesichert werden können. <a href="https://www.openstreetmap.org?mlat=59.9501600&mlon=10.7658200#map=16/59.9501600/10.7658200" rel="nofollow noopener noreferrer" target="_blank">Gullhaug Torg 2d, 0484 Oslo, Norwegen</a> Die Installation erfolgt mittels certbot und sieht übersichtlich aus.Certbot installieren: <pre><code>sudo apt update sudo apt install certbot</code></pre> Bei Buypass CA registrieren: Registrieren Sie Ihre E-Mail-Adresse bei Buypass CA mit Certbot. Dieser Schritt ist notwendig, um ein Konto bei Buypass zu erstellen:<pre><code>sudo certbot register --server 'https://api.buypass.com/acme/directory'</code></pre>Sie werden aufgefordert, Ihre E-Mail-Adresse einzugeben und den Nutzungsbedingungen zuzustimmen. Alternativ können Sie eine Einzeiler verwenden, um diesen Prozess zu automatisieren: <pre><code>sudo certbot register -m 'your-email@example.com' --no-eff-email --agree-tos --server 'https://api.buypass.com/acme/directory'</code></pre> SSL-Zertifikat erhalten: Verwenden Sie Certbot, um das SSL-Zertifikat für Ihre Domain zu erhalten. Ersetzen Sie example.com durch Ihren tatsächlichen Domainnamen: <pre><code>sudo certbot certonly --webroot -w /var/www/example.com/public_html/ -d example.com -d www.example.com --server 'https://api.buypass.com/acme/directory'</code></pre> Dieser Befehl weist Certbot an, die Webroot-Methode zur Domain-Validierung zu verwenden und den Webroot-Pfad für Ihre Domain anzugeben1. Automatische Erneuerung einrichten: Certbot kann Ihre Zertifikate automatisch erneuern. Um die automatische Erneuerung einzurichten, können Sie einen Cron-Job hinzufügen. Bearbeiten Sie die Cron-Jobs für den Root-Benutzer:<pre><code>sudo crontab -e</code></pre>Fügen Sie die folgende Zeile hinzu, um den Erneuerungsprozess zweimal täglich zu planen:<pre><code>0 0,12 * * * /usr/bin/certbot renew --quiet</code></pre>Dies führt den Erneuerungsprozess täglich um Mitternacht und Mittag aus und stellt sicher, dass Ihre Zertifikate immer aktuell sind.<a href="https://loma.ml/search?tag=LetsEncrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LetsEncrypt</a> <a href="https://loma.ml/search?tag=buypass" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#buypass</a> <a href="https://loma.ml/search?tag=sslzertifikat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sslzertifikat</a>Diese Angaben sind natürlich ohne Gewähr. Die Verwendung erfolgt auf eigene Gefahr.

heise onlineDie maximale Laufzeit von digitalen Zertifikaten für verschlüsselte Verbindungen zu Web- und anderen Servern wird sich künftig drastisch verkürzen. Im Jahre 2029 sind diese statt mit 398 Tagen nur noch mit 47 Tagen Laufzeit ausgestattet. Zum Artikel: <a href="https://heise.de/-10352867?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://heise.de/-10352867?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/tls" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tls</a> <a href="https://social.heise.de/tags/serverzertifikate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#serverzertifikate</a> <a href="https://social.heise.de/tags/cabrowserforum" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cabrowserforum</a> <a href="https://social.heise.de/tags/verschl%C3%BCsselung" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#verschlüsselung</a> <a href="https://social.heise.de/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#letsencrypt</a>

Joel Carnat ♑ 🤪 :runbsd:<a href="https://piou.foolbazar.eu/tags/ItWasDNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ItWasDNS</a> Well… in fact, it was /me not installing the <a href="https://piou.foolbazar.eu/tags/LetsEncrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LetsEncrypt</a> renew script and daemon reload cron so that <a href="https://piou.foolbazar.eu/tags/DNSoverTLS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DNSoverTLS</a> works properly over time.<a href="https://piou.foolbazar.eu/tags/SysAdminFail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SysAdminFail</a>

M SchommerWarum eigentlich ist <a href="https://hostux.social/tags/LetsEncrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LetsEncrypt</a> so arschig und stellt die Zertifikats-Erinnerungs-Mails ein? Weil teuer? Echt jetzt?

Gytis RepečkaOh hey, <code>CAA</code> records really work :ablobcatattention:Switched one site from paid TLS certificate to LetsEncrypt and forgot to update DNS record. As expected, LetsEncrypt looks at and refuses to issue a certificate if <code>CAA</code> lists other issuer. Nice :blobcatthumbsup:<a href="https://social.gyt.is/tags/fediadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fediadmin</a> <a href="https://social.gyt.is/tags/tls" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tls</a> <a href="https://social.gyt.is/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#letsencrypt</a> <a href="https://social.gyt.is/tags/certificate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#certificate</a>

Éric V.Do any email sysadmin understand what's the difference between StartTLS and x509 scores in the MECSA report? How to go from orange to green score? What requirements must the certificate have and is it possible with LetsEncrypt?relevant links <a href="https://mecsa.jrc.ec.europa.eu/faq#section2" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://mecsa.jrc.ec.europa.eu/faq#section2</a> and <a href="https://mecsa.jrc.ec.europa.eu/en/technical#x509" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://mecsa.jrc.ec.europa.eu/en/technical#x509</a><a href="https://mamot.fr/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://mamot.fr/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#letsencrypt</a> <a href="https://mamot.fr/tags/email" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#email</a> <a href="https://mamot.fr/tags/sysadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sysadmin</a> <a href="https://mamot.fr/tags/postfix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#postfix</a> <a href="https://mamot.fr/tags/certificate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#certificate</a> <a href="https://mamot.fr/tags/x509" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#x509</a> <a href="https://mamot.fr/tags/europe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#europe</a> <a href="https://mamot.fr/tags/selfhosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#selfhosted</a>

Miguel Afonso Caetano"When Let’s Encrypt, a free certificate authority, started issuing 90 day TLS certificates for websites, it was considered a bold move that helped push the ecosystem towards shorter certificate life times. Beforehand, certificate authorities normally issued certificate lifetimes lasting a year or more. With 4.0, Certbot is now supporting Let’s Encrypt’s new capability for six day certificates through ACME profiles and dynamic renewal at: - 1/3rd of lifetime left - 1/2 of lifetime left, if the lifetime is shorter than 10 days"<a href="https://www.eff.org/deeplinks/2025/04/certbot-40-long-live-short-lived-certs" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.eff.org/deeplinks/2025/04/certbot-40-long-live-short-lived-certs</a><a href="https://tldr.nettime.org/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://tldr.nettime.org/tags/WebSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebSecurity</a> <a href="https://tldr.nettime.org/tags/TLS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TLS</a> <a href="https://tldr.nettime.org/tags/Certbot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Certbot</a> <a href="https://tldr.nettime.org/tags/LetsEncrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LetsEncrypt</a>

The UberduckWell, it certainly seems like <a href="https://hachyderm.io/tags/redhat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redhat</a> has gone down the Embrace, Extend, Extinguish path with <a href="https://hachyderm.io/tags/freeipa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#freeipa</a>. Wanted to try to add a plugin to their docker image. Turns out in the process of building their docker image they break it entirely and have the setup.sh script fix it again so the only way to extend it would be to do something unholy with systemd or patch the setup.sh script in the dockerfile.Fine, have it your way, I'll just install it on a raw Alma VM. Now, how do we get <a href="https://hachyderm.io/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#letsencrypt</a> working?Oh, there's a howto. Cool.Oh, it doesn't work.Well, the howto references a script in a github repo. Maybe that'll work?It gets farther, but it still errors out because apparently they're manually downloading the letsencrypt CAs and adding them to FreeIPA, rather than pulling them from the system ca store.And aside from a github issue or two, all the documentation on this is hidden behind <a href="https://hachyderm.io/tags/redhat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redhat</a>'s paywall.Swear to dog, I'm'a fire the next person who buys IBM.

GilgwathWhy does <a href="https://social.tchncs.de/tags/letsencrypt" class="mention hashtag" rel="tag">#letsencrypt</a> sound to my brain like a good name for a business that builds fancy tombs? 🤷

Rad Web HostingHow to Install <a href="https://mastodon.social/tags/PeerTube" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PeerTube</a> on <a href="https://mastodon.social/tags/Ubuntu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ubuntu</a> VPS This article provides an in-depth guide demonstrating how to install PeerTube on Ubuntu VPS. What is PeerTube? PeerTube is a decentralized, federated video hosting platform powered by WebTorrent and ActivityPub. It enables users to self-host video services and interact with other PeerTube ... Continued 👉 <a href="https://blog.radwebhosting.com/how-to-install-peertube-on-ubuntu-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.radwebhosting.com/how-to-install-peertube-on-ubuntu-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost</a> <a href="https://mastodon.social/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#letsencrypt</a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opensource</a> <a href="https://mastodon.social/tags/installguide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#installguide</a> <a href="https://mastodon.social/tags/selfhosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#selfhosting</a> <a href="https://mastodon.social/tags/selfhosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#selfhosted</a> <a href="https://mastodon.social/tags/videostreaming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#videostreaming</a> <a href="https://mastodon.social/tags/decentralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#decentralized</a> <a href="https://mastodon.social/tags/nodejs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nodejs</a> <a href="https://mastodon.social/tags/vpsguide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vpsguide</a> <a href="https://mastodon.social/tags/fediverse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fediverse</a>

teufel100😈Okay, <a href="https://social.guckt.info/tags/buypass" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#buypass</a> ist dann vielleicht doch keine Alternative für <a href="https://social.guckt.info/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#letsencrypt</a>. Schade eigentlich, aber so ist das eben --> <a href="https://community.buypass.com/t/m1yfby4/future-changes-to-buypass-go-ssl" rel="nofollow noopener noreferrer" target="_blank">https://community.buypass.com/t/m1yfby4/future-changes-to-buypass-go-ssl</a>

Heals :heart_nb:I recently started to replace <a href="https://indiepocalypse.social/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nginx</a> with <a href="https://infosec.exchange/@caddy" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@caddy</a> and it's as satisfying as it is scary to replace a complex config that spans five included files and a total of about 400 lines with a single Caddyfile of around 80 lines. And on top of that <a href="https://indiepocalypse.social/tags/Caddy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Caddy</a> also made certbot redundant as it takes care of fetching and renewing the tls certs from <a href="https://indiepocalypse.social/tags/LetsEncrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LetsEncrypt</a> and keeps a <a href="https://indiepocalypse.social/tags/ZeroSSL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ZeroSSL</a> backup for all of my domains. I think I'm in love..

BjoernB<a href="https://rollenspiel.social/@ArneBab" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@ArneBab</a> I heard today that this will not affect <a href="https://rollenspiel.social/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#letsencrypt</a> operations, but funding for further development. So, even if they cut it, we won't end up having millions of invalid certificates within 90 days.

Arne BabenhauserheideSounds like we’ll need a EU-based alternative to <a href="https://rollenspiel.social/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#letsencrypt</a>:<a href="https://thelibre.news/trump-cuts-funding-to-foss-projects/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://thelibre.news/trump-cuts-funding-to-foss-projects/</a>"Trump cuts funding to FOSS projectsSo far he hasn't been successful, but it might simply be a matter of time."Much earlier than I expected.

Rad Web HostingHow to Install Centmin Mod on <a href="https://mastodon.social/tags/AlmaLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlmaLinux</a> <a href="https://mastodon.social/tags/VPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VPS</a> (5 Minute Quick-Start Guide) Here's a detailed step-by-step guide on how to install Centmin Mod on AlmaLinux VPS server. What is Centmin Mod? Centmin Mod is a shell-based, menu-driven installer that automates the deployment of a LEMP (Linux, Nginx, MariaDB/MySQL, PHP-FPM) stack on CentOS, AlmaLinux, and Rocky Linux servers. Designed for efficiency and performance, it ... Continued 👉 <a href="https://blog.radwebhosting.com/how-to-install-centmin-mod-on-almalinux-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.radwebhosting.com/how-to-install-centmin-mod-on-almalinux-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost</a> <a href="https://mastodon.social/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#letsencrypt</a> <a href="https://mastodon.social/tags/php" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#php</a> <a href="https://mastodon.social/tags/csf" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#csf</a> <a href="https://mastodon.social/tags/centminmod" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#centminmod</a>

Kompot.si :unverified:<a href="https://infosec.exchange/@tom_webb" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@tom_webb</a> We've already blocked whole <a href="https://toot.si/tags/amazon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#amazon</a>, <a href="https://toot.si/tags/microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microsoft</a> and <a href="https://toot.si/tags/meta" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#meta</a> subnets. Amazon particularly is tricky because we still want <a href="https://toot.si/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#letsencrypt</a> to work. Now we're doing manual checks in access logs every time our servers are down and adding malicious actors to iptable blocks. We'll need a weekend hackaton at our selfhosting collective to put preventions in place and maybe come up with some new ideas as well. ☣️ poisoning those bots seems like an appropriate response.

teufel100😈Hmmm ... also das <a href="https://social.guckt.info/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Letsencrypt</a> Module von Plesk hat über die Konsole die Option, einen anderen ACME-Server anzugeben, aber funktionieren tut das nicht. Das SSL-Zertifikat kommt dennoch von Lets Encrypt. Das spricht halt direkt wieder gegen Plesk ;)

Jill Veldhuis 💾Random <a href="https://kind.social/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfHosting</a> tip for any who might be interested:If you use <a href="https://kind.social/tags/GetSSL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GetSSL</a> to get your <a href="https://kind.social/tags/LetsEncrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LetsEncrypt</a> certs, you'll get four files:* The key (example.com.key) * The domain cert (example.com.crt) * The CA cert (chain.crt) * The "full chain" cert (fullchain.crt)Make sure to use the full chain cert, *not* the domain cert, when setting up your server. Otherwise some services will give you "unknown authority" errors.

Rad Web HostingHow to Install Centmin Mod on <a href="https://mastodon.social/tags/AlmaLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlmaLinux</a> <a href="https://mastodon.social/tags/VPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VPS</a> Here's a detailed step-by-step guide on how to install Centmin Mod on AlmaLinux VPS server. What is Centmin Mod? Centmin Mod is a shell-based, menu-driven installer that automates the deployment of a LEMP (Linux, Nginx, MariaDB/MySQL, PHP-FPM) stack on CentOS, AlmaLinux, and Rocky Linux servers. Designed for efficiency and performance, it streamlines the installation and ... Continued 👉 <a href="https://blog.radwebhosting.com/how-to-install-centmin-mod-on-almalinux-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.radwebhosting.com/how-to-install-centmin-mod-on-almalinux-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost</a> <a href="https://mastodon.social/tags/php" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#php</a> <a href="https://mastodon.social/tags/centminmod" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#centminmod</a> <a href="https://mastodon.social/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#letsencrypt</a> <a href="https://mastodon.social/tags/csf" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#csf</a>

Grapf<a href="https://norden.social/tags/Nextcloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Nextcloud</a> auf einem <a href="https://norden.social/tags/RaspberryPi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RaspberryPi</a> ist sehr tricky, wenn man etwas verändert. Ich hatte sie jetzt einige Tage wunderbar laufen, habe nach langem Recherchieren die <a href="https://norden.social/tags/Portfreigabe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Portfreigabe</a> an der <a href="https://norden.social/tags/Fritzbox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Fritzbox</a> geändert, um von <a href="https://norden.social/tags/Letsencrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Letsencrypt</a> ein SSL-Zertifikat zu bekommen - jetzt sind zwar die Ports offen, aber Zertifikat klappt trotzdem nicht und <a href="https://norden.social/tags/Apache" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Apache</a> läuft auch nicht mehr. Ich steige gerade nicht mehr durch und frage mich, wieviel Zeit ich noch darauf verwenden will. jemand hier mit Erfahrungen? <a href="https://norden.social/tags/unplugtrump" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#unplugtrump</a>

Recent searches

Search options

Administered by:

Server stats:

#letsencrypt