Real-Time Certificate Info – 5,560,000,000 KeyChest Index

We have finally completed a GLOBAL certificate look-up table for real-time notifications in our re-designed KeyChest service. KeyChest has been using an external service to check for new certificates. This has become unsustainable due to the number of users and certificates we monitor.

“Read More”

Automate certificate monitoring with free API – KeyChest

Our certificate monitoring KeyChest has an initial RESTful API for remote enrolment of new certificates and for checking certificate expiry. Its design supports automation without any initial security/authorization setup.

“Read More”

Planning TLS certificate renewals – define a process

Category : https , letsencrypt , security

This text is about creating a process around planning certificate renewals. As part of our KeyChest re-design, we created a sequence of meaningful checks for TLS certificates to get them always renewed before your web services go down.

“Read More”

Major KeyChest Incident – We Turn It Into Serious Business

KeyChest HTTPS monitoring started small – to help us manage our certificates and its free service grew with interest. It’s the right approach from the business point of view, but it has its dark side. A major incident flashed it out last Saturday.

“Read More”

Let’s Encrypt uptime is 99.9% — or 98.8% without defects in 2017

Category : https , letsencrypt

As I was collecting reliability data for several PKI systems, I included Let’s Encrypt as it’s by far the biggest PKI system I was aware of. It provides its status data and its history at https://letsencrypt.status.io and here’s my informal analysis of its production systems.

“Read More”

Let’s Encrypt certificates with one name on different servers

Category : https , letsencrypt , security

This is an interesting one. The first impulse is to simply answer NO, you can’t do it, that’s the point of HTTPS. But it’s all about networking and one can do quite some magic with proxies, forwarding, and the SNI extension in TLS protocols.

“Read More”

Let’s Encrypt in the spotlight

We have compiled all practical information we could find and written it up at Numbers you need to know. It’s a long list of restrictions, rate limits, and other useful information to keep in mind.  Here’s a few selected points that we found interesting. Big thanks to schoen from Certbot/EFF for pointing out numerous inaccuracies.

“Read More”

SSL certificates – 7 Free Spot Checks in one go – KeyChest

While implementing features of the certificate planner, we have added a few handy features to the KeyChest spot checker as well. It is now much more than just a tool to check when a website certificate expires.

“Read More”

KeyChest – FREE plan and track for 100% HTTPS uptime

Category : https , letsencrypt , security

We have been using Letsencrypt certificates for a year now. As it is free, we have been constantly increasing the number of services using it. I personally like the three months validity as it makes renewals a “business as usual” task, rather than incidents. But it doesn’t happen through magic.

“Read More”

Think OpenVPN is easy? Think again as it’s worth it

We decided for OpenVPN to build secure connections to our Private Spaces. We braced for difficulties, but that was only the beginning. The point of this post is that integration testing does make a difference. And that OpenVPN is a very nice tool!

“Read More”

Browse by date

Dec 2018
M T W T F S S
« Nov    
 12
3456789
10111213141516
17181920212223
24252627282930
31