This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ripe-atlas@ripe.net/
[atlas] SSL Certificates for ripe anchors
- Previous message (by thread): [atlas] SSL Certificates for ripe anchors
- Next message (by thread): [atlas] SSL Certificates for ripe anchors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Carsten Schiefner
carsten at schiefner.de
Tue Sep 3 13:24:23 CEST 2019
Sylvain, all - On 03.09.2019 13:12, Sylvain BAYA wrote: > [...] > > ...i can add this : if there is a technical issue (not impossible) in > using LE certs the same > way the actual solution is used on RIPE Anchors, then perhaps, > preferably, RIPE *should* > contribute to fund whatever necessary to solve the problem on LE side or > internally. indeed there is: one way to use Letsencrypt certificates is to have them automagically renewd every 90 days or so. This works like a charm on my host. The tricky bit, however, comes if you want to use this very certificate in a TLSA RR as well: all of a sudden the RR points to a non-existing certificate when Letsencrypt's cron job has flipped the certificate. I haven't yet really gotten my head around it - but maybe the NCC could and would?! 8-) Chers, -C.
- Previous message (by thread): [atlas] SSL Certificates for ripe anchors
- Next message (by thread): [atlas] SSL Certificates for ripe anchors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]