Blog Tags: 
lets encrypt
tls
ssl
confconsole
v15.x

Let's Encrypt SSL/TLS certificates may require manual update

Jeremy Davis - Wed, 2020/03/04 - 00:55

As highlighted in the forums by Sean, Let's Encrypt recently discovered a bug in their Certificate Authority (aka CAA). The implication of this is that some of the certificates that they have issued, they shouldn't have!

Read more and discuss
Blog Tags: 
ssl
tls
web
lamp
apache
webserver
certificate

3rd party SSL/TLS certs on TurnKey: convert CER/P7B to PEM

Jeremy Davis - Wed, 2018/03/07 - 09:36 - 9 comments

Stuart recently asked via support how to use third party .cer or .p7b SSL/TLS certificates with TurnKey v14.x.

As I don't run any permanent websites, I'm not super familiar with different certificate formats. My only experience really has been through my years with TurnKey and I've only ever encountered the text file .pem certs. So I did a quick bit of research to help Stuart out. I figured that seeing as it's been a little while since I wrote a blog post and this info may be useful for others, I wrote it up. :)

Read more and discuss
Blog Tags: 
security
ssl

Self signed and trusted SSL certificates

Alon Swartz - Wed, 2010/04/07 - 13:25 - 23 comments

Important note: Please note that current appliances include support for getting free Let's Encrypt SSL certificates. Please see the Let's Encrypt docs within the new Confconsole doc pages for full details.

Read more and discuss
Blog Tags: 
ssh
admin
security
ssl

We don't need no stinking SSL

Liraz Siri - Mon, 2010/02/15 - 08:34

Why we disabled SSL and use an SSH tunnel for web site administration

Content managements systems like the one we're using for the web site (Drupal) need to provide a privileged administration interface which you usually want to access securely. Due to the insecure nature of the Internet, it's reasonable to assume your traffic may be intercepted at some point. So how do you prevent that?

Up until recently, we used SSL. You could access the web site from both:

Unfortunately, as the site grew in complexity this created a range of subtle but annoying paper-cut type problems.

Read more and discuss