Ubuntu 14.04 From https://certbot.eff.org/all-instructions/#ubuntu-14-04-trusty-nginx Download and install We’re going to use certbot and install it in /usr/local/bin sudo wget https://dl.eff.org/certbot-auto -O /usr/local/bin/certbot-auto sudo chmod +x /usr/local/bin/certbot-auto certbot-auto –os-packages-only First cert request sudo service nginx stop ./certbot-auto certonly –standalone -d www.example.com -d example.com sudo service nginx start Test renewal certbot-auto renew –dry-run Actual renewal…
Category: SSL/TLS/HTTPS
Security
Read more
Ticketbleed (CVE-2016-9244)
Ticketbleed is a software vulnerability in the TLS/SSL stack of F5 BIG-IP appliances allowing a remote attacker to extract up to 31 bytes of uninitialized memory at a time.https://filippo.io/Ticketbleed/ SSL Labs is adding tests for this. And I didn’t know that SSL Labs had a development server for people to…
Security
Read more
How to test an HTTP TLS cert from the command line
If you want to look at a web server’s cert from the command line you can just do: openssl s_client -connect REPLACE_WITH_DOMAIN_OR_IP:443 -servername REPLACE_WITH_DOMAIN For instance: openssl s_client -connect microsoft.com:443 -servername microsoft.com If your DNS isn’t resolving to the host yet (maybe you have launched the site yet but you want…