This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ripe-atlas@ripe.net/
[atlas] SSL Certificates for ripe anchors
- Previous message (by thread): [atlas] SSL Certificates for ripe anchors
- Next message (by thread): [atlas] SSL Certificates for ripe anchors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Bjørn Mork
bjorn at mork.no
Tue Sep 3 13:35:16 CEST 2019
Carsten Schiefner <carsten at schiefner.de> writes: > The tricky bit, however, comes if you want to use this very certificate > in a TLSA RR as well: all of a sudden the RR points to a non-existing > certificate when Letsencrypt's cron job has flipped the certificate. > > I haven't yet really gotten my head around it - but maybe the NCC could > and would?! 8-) You can renew Let's Encrypt certificates without changing the key. And if you use the recommended 3 1 1 TLSA records, then you don't have to change it unless the key is changed. Bjørn
- Previous message (by thread): [atlas] SSL Certificates for ripe anchors
- Next message (by thread): [atlas] SSL Certificates for ripe anchors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]