[Ach] bettercrypto.org cert blocked in chrome 56
Raoul Bhatia
raoul at bhatia.at
Tue Nov 29 07:14:05 CET 2016
+ACH
On November 28, 2016 11:32:10 PM GMT+01:00, Raoul Bhatia <raoul at bhatia.at> wrote:
>On November 28, 2016 11:14:34 PM GMT+01:00, Tobias Pape
><Das.Linux at gmx.de> wrote:
>>
>>On 28.11.2016, at 23:12, Raoul Bhatia <raoul at bhatia.at> wrote:
>>
>>> I've successfully transitioned existing StartSSL certificates + HPKP
>>/ HSTS to letsencrypt.sh (via the Debian package).
>>>
>>> I know I am not the first to do such a thing, but maybe you'd like
>to
>>have some quick pointers to get this resolved ASAP.
>>>
>>> Raoul
>>>
>>> PS. The most important thing is to initially tell letsencrypt.sh to
>>reuse an existing private key for requesting new certs.
>>>
>>
>>Curious: why?
>>
>>Best regards
>> -Tobias
>
>Well, in my case I had no alternate cert at hand to replace my StartSSL
>one.
>
>So I needed to take care to reuse the existing private key for my new
>letsencrypt cert, to give it the same key pin hash, to get online with
>the new cert prior to the HPKP expiry/max-age.
>
>Not sure if I was able to properly explain myself ;-)
>
>Raoul
--
DI (FH) Raoul Bhatia M.Sc.
E-Mail. raoul at bhatia.at
Tel. +43 699 10132530
More information about the Ach
mailing list