[Ach] Let's Encrypt + TLSA, DANE, HPKP, ... - was: bettercrypto.org certificate has expired today

Gunnar Haslinger gh.bettercrypto at hitco.at
Thu Mar 16 21:19:52 CET 2017

Regarding using Let's Encrypt with TLSA/DANE and HPKP:

I wrote a short Blog-entry about using Let's encrypt with CSRs - keeping
the RSA-Keypair when renewing the certificate.

maybe somebody finds this helpful (in German):

As keeping the RSA-Keypair when renewing Certificates is not
best-practice security, probably this is *not* a chapter you would like
me to add to the BetterCrypto-Guide?

best regards,

More information about the Ach mailing list