lets-encrypt

CertPathValidatorException connecting to a Let's Encrypt host on Android M or earlier

情到浓时终转凉″ 提交于 2020-12-24 15:45:28
问题 [edit: If you are here for Let's Encrypt expiry event from January 2021, read this first https://letsencrypt.org/2020/12/21/extending-android-compatibility.html] Connecting to https://valid-isrgrootx1.letsencrypt.org/ via OkHttp on Android M or earlier fails, while the connection works on N or later. OkHttpClient client = new OkHttpClient(); try { Request request = new Request.Builder() .url("https://valid-isrgrootx1.letsencrypt.org/robots.txt") .build(); try (Response response = client

gke cert manager certificate in progress

佐手、 提交于 2020-12-13 07:54:11
问题 Im trying to make my google services more secure by moving from http to https. I've been follwing the cert-manager documentation to get it working. https://cert-manager.io/docs/configuration/acme/dns01/google/ I can't install helm on the cluster nor nginx ingress that's why im using the dns01 challenge instead of the http01. I installed cert-manager with regular manifests v0.11.0. After creating a dns admin service account, i used this yaml to create the issuer : apiVersion: cert-manager.io

Generate CRT & KEY ssl files from Let's Encrypt from scratch

家住魔仙堡 提交于 2020-11-30 02:51:47
问题 I'd like to generate a CRT/KEY couple SSL files with Let's Encrypt (with manual challenge). I'm trying something like this : certbot certonly --manual -d mydomain.com But I only get these files in my /etc/letsencrypt/live/mydomain.com folder : cert.pem chain.pem fullchain.pem privkey.pem Did I missed something? 回答1: I'm the author of Greenlock, a certbot-compatible Let's Encrypt v2 client, so I've had to learn the ins and outs of all these things as well. Hopefully this helps: KEY privkey.pem