similar to: Bugzilla invalid certificate issues

EV certs attempt validate the identity of the organization that holds them.  That is a nice assurance to have from a place that makes the thing that compiles your code. On February 11, 2017 at 12:28:08 PM, Stephen Checkoway (s at pahtak.org) wrote: > On Feb 10, 2017, at 18:27, Chris Matthews via llvm-dev <llvm-dev at lists.llvm.org> wrote: > > Letsencrypt only offers domain

> > And for other services like IMAP, SMTP, LDAP (maybe not LDAP) constant > changing certs even with a long lived root may get old for your customers. Why? I have corporate systems on 2 year commercial CA signed certificates and personal servers on 90 day LetsEncrypt ones - my users of IMAP and SMTP have never ever noticed when I changed the certificates on any device. They

On Jun 15, 2016, at 7:57 AM, ????????? ???????? <nevis2us at infoline.su> wrote: > > Nowadays it's quite easy to get normal ssl certificates for free. E.g. > > http://www.startssl.com > http://buy.wosign.com/free Today, I would prefer Let?s Encrypt: https://letsencrypt.org/ It is philosophically aligned with the open source software world, rather than act as bait

Yup, that did the trick. Thanks! Filipe On 1/10/19 7:47 AM, Aki Tuomi wrote: > > > On 10.1.2019 9.42, Filipe Carvalho wrote: >> >> Hello, >> >> Not sure if this is the right place to post this, but the ssl >> certificate of the repo.dovecot.org server expired on the 9th of January. >> >> It's giving an error via the browser and via the apt

What is the best way to adopt multiple certs? Thanks.

Hi, I'm trying to configure a Dovecot dsync service between two servers, using a tcp+ssl connection and a valid Let's Encrypt certificate. I followed the guide on the wiki (http://wiki.dovecot.org/Replication) using the tcps method, but when I launch the replication it fails writing on the log (/var/log/mail.err): (Server 1 - sync "client" )| Error: sync: Disconnected from

Michael Felt <michael at felt.demon.nl> writes: >> I use acme.sh for all of my LetsEncrypt certs (web & mail), it is >> written in pure shell script, so no python dependencies. >> https://github.com/Neilpang/acme.sh > > Thanks - I might look at that, but as Ralph mentions in his reply - > Let's encrypt certs are only for three months - never ending circus.

Hello, Not sure if this is the right place to post this, but the ssl certificate of the repo.dovecot.org server expired on the 9th of January. It's giving an error via the browser and via the apt command in Debian: W: Failed to fetch https://repo.dovecot.org/ce-2.3-latest/debian/jessie/dists/jessie/main/binary-amd64/Packages? server certificate verification failed. CAfile:

I've installed LE certs on my Dovecot a while back, and, it has been working OK since, but, today, an iPhone user said he can't get emails as iphone says 'cert is expired', searching around, I see some other iPhone similar issues reported, do I have my conf correct, I have; # cat dovecot.conf | grep ssl ssl = required verbose_ssl = no ssl_cert =

<master at remort.net> writes: > "writing a script to check the certs" - there is no need to write any > scripts. As one mentioned, it's done by a hook to certbot. Please read > the manuals for LE or certbot. The issue you have is quite common and > of course certbot designed to do it for you. Won't work, of course, if you employ the least-privilege security

> On Sep 2, 2015, at 1:36 PM, zep <zgreenfelder at gmail.com> wrote: > > > > On 09/02/2015 03:12 PM, Wes James wrote: >> I use chrome on CentOS because I wrote a web socket web app and I can only get chrome to work properly with web sockets. >> >> I have a local web app created with erlang. It works like ms sccm to wake, freeze/thaw deepfreeze PCs and

Hello I get the following error when using our Let's Encrypt ssl certificate for webRTC calls : [Jun 2 14:29:28] == DTLS ECDH initialized (secp256r1), faster PFS enabled [Jun 2 14:29:28] ERROR[27360][C-00000ae5]: res_rtp_asterisk.c:1441 ast_rtp_dtls_set_configuration: Specified certificate file '/etc/letsencrypt/live/ws.mydomain.tld/privkey.pem' for RTP instance

On 8/11/2017 11:44 AM, Florian Beer wrote: > On 2017-08-11 11:36, Michael Felt wrote: >> I have looked at let's encrypt. Key issue for me is having to add a >> lot python stuff that would otherwise not be on any server. > > > I use acme.sh for all of my LetsEncrypt certs (web & mail), it is > written in pure shell script, so no python dependencies. >

> On Aug 20, 2017, at 11:52 AM, Stephan von Krawczynski <skraw at ithnet.com> wrote: > > On Sat, 19 Aug 2017 21:39:18 -0400 > KT Walrus <kevin at my.walr.us> wrote: > >>> On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski <skraw at ithnet.com> >>> wrote: >>> >>> On Fri, 18 Aug 2017 00:24:39 -0700 (PDT) >>> Joseph

I don't know how to get both RSA and ECC cert from letsencrypt. Aki > On 30 July 2018 at 20:43 David Mehler <dave.mehler at gmail.com> wrote: > > > Hello, > > What acme implementation do you use for your letsencrypt certificates? > If it's acme.sh how do you get both rsa and ecc certificates? What > configuration options are you using in your

Seems wrong to me too, Robert. If you put your private key inside your certificate, won't it be sent to the client along with it ? Bastian, are you using an old version of thunderbird ? googling for "SSL alert number 42" gave me two results indicating a bug in thunderbird versions 31,32 and 33. You can check these links if you wish : *

I have looked at let's encrypt. Key issue for me is having to add a lot python stuff that would otherwise not be on any server. Again, All CA's like "Let's Encrypt" - and others that are accepted by the "majors", e.g., Windows, Mozilla make it much easier for the "random" user to use anything you protect with SSL (better TLS) without them having to

Cheers Remko and Ralph. I think there was some mention in the lets encrypt FAQ that certbot doesn't do email. But I understand I can use their generated very for dovecot, postfix and https? That would be good indeed. Anyone know of any manual, or can I just replace the certs in the dovecot and postfix locations with theirs? Do dovecot, postfix and apache all support .pem format? Sent from

Hello! Certificates from letsencrypt are renewed every three months. Does that mean a MUA has to accept the renewed certificates manually everytime it is renewed? Sorry if this is OT! Greetings Andreas

> On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski <skraw at ithnet.com> wrote: > > On Fri, 18 Aug 2017 00:24:39 -0700 (PDT) > Joseph Tam <jtam.home at gmail.com> wrote: > >> Michael Felt <michael at felt.demon.nl> writes: >> >>>> I use acme.sh for all of my LetsEncrypt certs (web & mail), it is >>>> written in pure