[atlas] SSL Certificates for ripe anchors
- Previous message (by thread): [atlas] SSL Certificates for ripe anchors
- Next message (by thread): [atlas] SSL Certificates for ripe anchors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Carsten Schiefner
carsten at schiefner.de
Tue Sep 3 13:24:23 CEST 2019
Sylvain, all - On 03.09.2019 13:12, Sylvain BAYA wrote: > [...] > > ...i can add this : if there is a technical issue (not impossible) in > using LE certs the same > way the actual solution is used on RIPE Anchors, then perhaps, > preferably, RIPE *should* > contribute to fund whatever necessary to solve the problem on LE side or > internally. indeed there is: one way to use Letsencrypt certificates is to have them automagically renewd every 90 days or so. This works like a charm on my host. The tricky bit, however, comes if you want to use this very certificate in a TLSA RR as well: all of a sudden the RR points to a non-existing certificate when Letsencrypt's cron job has flipped the certificate. I haven't yet really gotten my head around it - but maybe the NCC could and would?! 8-) Chers, -C.
- Previous message (by thread): [atlas] SSL Certificates for ripe anchors
- Next message (by thread): [atlas] SSL Certificates for ripe anchors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]