Tagged with 'certbot'
Removing Staples: Moving Away From Let's Encrypt OSCP Stapling

- Posted on February 03, 2025
- Read time: 5 minutes
- Tagged with certbot, inspiration, security, tech, website
Last summer, Let's Encrypt announced their intent to end their OCSP service, and this was formalized in December with key dates related to the change. Near the end of January, I also received a direct email from Let's Encrypt detailing certificates of mine that had been configured with the "Must Staple" property.
Read MoreCertbot on Windows: Automation Is Possible
- Posted on March 14, 2022
- Read time: 6 minutes
- Tagged with automation, certbot, inspiration, security, tech, website
A recent project gave me an opportunity to try out Certbot on Windows. As I've written about before, I've had an extensive journey with Certbot, at times in fairly 'non-standard' configurations, and Certbot on Windows is no different.
Read MoreImplementing Certificate Authority Authorization
- Posted on October 25, 2021
- Read time: 4 minutes
- Tagged with automation, certbot, inspiration, security, tech
During the foray into fixing up the Let's Encrypt root certificate expiration bits for my affected bot host, while using the helpful SSL Server Test tool, I discovered the "new" (not really new) Certificate Authority Authorization (CAA) DNS record.
Read MoreMy Incremental Certbot Panacea
- Posted on January 04, 2021
- Read time: 5 minutes
- Tagged with automation, certbot, inspiration, security, tech, website
I've written about Certbot more than any other topic in the last 24 months or so, in part because it's been an interesting adventure for me both in helping to demystify SSL certificates, but also because it's been an evolving and incremental process to Make It Better. The first post I'd written in February of 2019 talked about using a web service to generate a Let's Encrypt certificate...good for 90 days...for free.
Read MoreAutomating Certbot: A Recap of My Journey

- Posted on November 16, 2020
- Read time: 3 minutes
- Tagged with automation, certbot, inspiration, security, tech, website
Over the last two months, I've shared what amounts to a four-part "series" of posts walking through my journey of using Certbot for SSL certificate management, with the primary challenge being not having the traditional root-level access on the web server. Those posts are, in order:
Read MoreCertbot in Manual Mode with Script Hooks
- Posted on November 02, 2020
- Read time: 4 minutes
- Tagged with automation, certbot, inspiration, security, tech, website
If you've been following along in the mini series, I've gone over the details of using Certbot in manual mode, then bolting some simple scripts together to improve the process of generating and managing certs, all done with a bit of magic thanks to our old friend key authenti
Read MoreImproving Manual Certbot Domain Validation
- Posted on October 19, 2020
- Read time: 6 minutes
- Tagged with automation, certbot, inspiration, security, tech, website
In my second post about using Certbot in manual mode, I address some of the 'pain points' from the first post: namely the process of scripting together some of the bits to create/renew a certificate and otherwise requiring fewer individual commands be entered (or remembered).
Read MoreMoving to Certbot with Let's Encrypt
- Posted on October 05, 2020
- Read time: 6 minutes
- Tagged with automation, certbot, inspiration, security, tech, website
This is the first post in a short series of posts about automating what one can in an environment that might not support full-automation with Certbot and Let's Encrypt. Technically it's the second post as the first was geared toward setting up key authentication between systems, something that's leveraged significantly in this series.
Read More