Technology

73534 readers

2445 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

L3s@lemmy.world

enu@lemmy.world

technopagan@lemmy.world

L4s@lemmy.world

L3s@hackingne.ws

L4s@hackingne.ws

190

TLS Certificate Lifetimes Will Officially Reduce to 47 Days (www.digicert.com)

submitted 3 months ago by exu@feditown.com to c/technology@lemmy.world

61 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[+] dan1101@lemm.ee -24 points 3 months ago (13 children)

This will be a huge pain for the small business websites I administer, which really don't need SSL to begin with except to please Google.

[–] Rogue@feddit.uk 30 points 3 months ago (11 children)

If you're truly unaware of why TLS is necessary or how to automate the process then you should probably retire.

Archaic attitudes like yours are precisely why these restrictions are necessary.

[–] sugar_in_your_tea@sh.itjust.works 7 points 3 months ago (9 children)

Exactly. Setting up Let's Encrypt is really easy, and once it's set up, you don't have to think about it.

I did it for self-hosted stuff, and it's trivial. You can even do DNS challenge auth instead of HTTP and you don't need to have port 80 open at all, but you do need a login token for your DNS host for the script.

The first one will probably take an hour or two if it's your first time, and after that, it's maybe 5 min per site.

[–] Rogue@feddit.uk 0 points 3 months ago (2 children)

Even that's more steps than necessary.

Just serve your website with Caddy and it handles certs for you. The config is absolutely trivial compared to Apache, nginx, etc

[–] sugar_in_your_tea@sh.itjust.works 1 points 3 months ago

I use Caddy, but there are a lot of options with decent documentation.

[–] corsicanguppy@lemmy.ca 1 points 3 months ago

Just

Red flag.

serve your website with Caddy

There is no security risk so bad that it can't be made worse by layering on new tech with its own issues and pitfalls. (Paraphrasing Bruce Jackson)

load more comments (6 replies)

load more comments (7 replies)

load more comments (8 replies)