This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ripe-atlas@ripe.net/
[atlas] SSL Certificates for ripe anchors
- Previous message (by thread): [atlas] SSL Certificates for ripe anchors
- Next message (by thread): [atlas] SSL Certificates for ripe anchors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Carsten Schiefner
carsten at schiefner.de
Tue Sep 3 14:34:10 CEST 2019
Hi Bjørn, > Am 03.09.2019 um 13:35 schrieb Bjørn Mork <bjorn at mork.no>: >> The tricky bit, however, comes if you want to use this very certificate >> in a TLSA RR as well: all of a sudden the RR points to a non-existing >> certificate when Letsencrypt's cron job has flipped the certificate. >> >> [...] > > You can renew Let's Encrypt certificates without changing the key. And > if you use the recommended 3 1 1 TLSA records, then you don't have to > change it unless the key is changed. ah! :-) Would you have a specific pointer in mind you’d recommend and so like to share? Thanks & best, -C.
- Previous message (by thread): [atlas] SSL Certificates for ripe anchors
- Next message (by thread): [atlas] SSL Certificates for ripe anchors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]