Letsencrypt Supports Wildcard Certificates
Let's Encrypt offers free SSL/TLS certificates for secure HTTPS connections, relying on donations. They issue Domain Validation and SAN certificates, recommend reporting malicious activities, and emphasize TLS/SSL security.
Read original article
Let's Encrypt is a global Certificate Authority offering free SSL/TLS certificates to enable secure HTTPS connections for websites. They do not charge for their services and rely on donations and sponsorships to operate. Let's Encrypt does not provide direct support but offers documentation and community forums for assistance. In case of malicious activities on a website using their certificates, users are advised to report to Google Safe Browsing and Microsoft Smart Screen. The certificates are valid for 90 days and can be renewed automatically every 60 days. Let's Encrypt issues Domain Validation certificates and supports Subject Alternative Name (SAN) certificates but does not provide Organization Validation (OV) or Extended Validation (EV) certificates. Private keys are not stored on Let's Encrypt servers, and users can use various ACME clients like Certbot for certificate management. The organization emphasizes the importance of TLS/SSL and PKI security, providing resources for further learning.
Related
More Memory Safety for Let's Encrypt: Deploying ntpd-rs
Let's Encrypt enhances memory safety with ntpd-rs, a secure NTP implementation, part of the Prossimo project. Transitioning to memory-safe alternatives aligns with broader security goals, supported by community and sponsorships.
Sustaining Digital Certificate Security – Entrust Certificate Distrust
Google's Chrome Security Team distrusts specific Entrust certificates due to reliability concerns. Chrome 127 onwards won't trust certain Entrust TLS server authentication certificates dated after October 31, 2024. Website operators should review certificates for compliance.
Chrome will distrust CA certificates from Entrust later this year
Google will stop trusting Entrust CA certificates from November 1, citing compliance failures. Websites using Entrust certs, like moneygram.com and ey.com, must switch to a new CA to avoid security warnings. Enterprise customers can still trust Entrust.
Entrust certificates will not be trusted in Chrome 127+
The Chrome Root Program Policy is updating trust for Entrust CAs due to compliance issues. Entrust must show improvement to maintain trust. Chrome will oversee changes to safeguard users and the web.
MDN tool that tells you of security gaps in your website
The website features the HTTP Observatory tool for free website scanning, real-time AI help, resources for web developers, browser compatibility updates, and a community forum. It aims to enhance internet experiences.
6 commentshttps://community.letsencrypt.org/t/acme-v2-and-wildcard-cer...
https://letsencrypt.org/docs/ct-logs/
Apparently wildcards have been supported since 2018, but I only discovered this last weekend.
Cheers.
It's crazy to think that not too long ago, these certificates would cost a small fortune. I'm really grateful to anyone working on making this available for the world to use.
Related
More Memory Safety for Let's Encrypt: Deploying ntpd-rs
Let's Encrypt enhances memory safety with ntpd-rs, a secure NTP implementation, part of the Prossimo project. Transitioning to memory-safe alternatives aligns with broader security goals, supported by community and sponsorships.
Sustaining Digital Certificate Security – Entrust Certificate Distrust
Google's Chrome Security Team distrusts specific Entrust certificates due to reliability concerns. Chrome 127 onwards won't trust certain Entrust TLS server authentication certificates dated after October 31, 2024. Website operators should review certificates for compliance.
Chrome will distrust CA certificates from Entrust later this year
Google will stop trusting Entrust CA certificates from November 1, citing compliance failures. Websites using Entrust certs, like moneygram.com and ey.com, must switch to a new CA to avoid security warnings. Enterprise customers can still trust Entrust.
Entrust certificates will not be trusted in Chrome 127+
The Chrome Root Program Policy is updating trust for Entrust CAs due to compliance issues. Entrust must show improvement to maintain trust. Chrome will oversee changes to safeguard users and the web.
MDN tool that tells you of security gaps in your website
The website features the HTTP Observatory tool for free website scanning, real-time AI help, resources for web developers, browser compatibility updates, and a community forum. It aims to enhance internet experiences.