|
|
Subscribe / Log in / New account

The Let's Encrypt certificate revocation scare

The Let's Encrypt certificate revocation scare

Posted Mar 10, 2020 19:21 UTC (Tue) by gevaerts (subscriber, #21521)
In reply to: The Let's Encrypt certificate revocation scare by rahvin
Parent article: The Let's Encrypt certificate revocation scare

That typically only checks for the expiration date of the certificate itself, which won't change if it's revoked.

to post comments

The Let's Encrypt certificate revocation scare

Posted Mar 11, 2020 20:29 UTC (Wed) by rahvin (guest, #16953) [Link] (1 responses)

Unless I'm mistaken when certbot checks the expiration it also reviews the revocation list that updates when certbot connects. I did this just the other day on a new server and I remember the step where it downloads and checks the revoke list.

That was one of their smartest decisions with Let's Encrypt, right behind the 90 day certs, in that revoke lists were fully integrated into the process.

The Let's Encrypt certificate revocation scare

Posted Mar 12, 2020 0:35 UTC (Thu) by cyphar (subscriber, #110703) [Link]

This is a new feature, merged and released last week (https://github.com/certbot/certbot/pull/7829).


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds