[Ach] Let's Encrypt + TLSA, DANE, HPKP, ... - was: bettercrypto.org certificate has expired today
gh.bettercrypto at hitco.at
Thu Mar 16 21:19:52 CET 2017
Regarding using Let's Encrypt with TLSA/DANE and HPKP:
I wrote a short Blog-entry about using Let's encrypt with CSRs - keeping
the RSA-Keypair when renewing the certificate.
maybe somebody finds this helpful (in German):
As keeping the RSA-Keypair when renewing Certificates is not
best-practice security, probably this is *not* a chapter you would like
me to add to the BetterCrypto-Guide?
More information about the Ach