Technology Solutions for Everyday Folks

Tagged with 'certbot'

Removing Staples: Moving Away From Let's Encrypt OSCP Stapling

Screen snip of the summary/output of an SSL Server Test report, indicating a strong "A+" rating for the server/certificate configuration.

Last summer, Let's Encrypt announced their intent to end their OCSP service, and this was formalized in December with key dates related to the change. Near the end of January, I also received a direct email from Let's Encrypt detailing certificates of mine that had been configured with the "Must Staple" property.

Read More

Certbot on Windows: Automation Is Possible

A recent project gave me an opportunity to try out Certbot on Windows. As I've written about before, I've had an extensive journey with Certbot, at times in fairly 'non-standard' configurations, and Certbot on Windows is no different.

Read More

Implementing Certificate Authority Authorization

During the foray into fixing up the Let's Encrypt root certificate expiration bits for my affected bot host, while using the helpful SSL Server Test tool, I discovered the "new" (not really new) Certificate Authority Authorization (CAA) DNS record.

Read More

My Incremental Certbot Panacea

I've written about Certbot more than any other topic in the last 24 months or so, in part because it's been an interesting adventure for me both in helping to demystify SSL certificates, but also because it's been an evolving and incremental process to Make It Better. The first post I'd written in February of 2019 talked about using a web service to generate a Let's Encrypt certificate...good for 90 days...for free.

Read More

Automating Certbot: A Recap of My Journey

Long winding road

Over the last two months, I've shared what amounts to a four-part "series" of posts walking through my journey of using Certbot for SSL certificate management, with the primary challenge being not having the traditional root-level access on the web server. Those posts are, in order:

Read More

Certbot in Manual Mode with Script Hooks

If you've been following along in the mini series, I've gone over the details of using Certbot in manual mode, then bolting some simple scripts together to improve the process of generating and managing certs, all done with a bit of magic thanks to our old friend key authenti

Read More

Improving Manual Certbot Domain Validation

In my second post about using Certbot in manual mode, I address some of the 'pain points' from the first post: namely the process of scripting together some of the bits to create/renew a certificate and otherwise requiring fewer individual commands be entered (or remembered).

Read More

Moving to Certbot with Let's Encrypt

This is the first post in a short series of posts about automating what one can in an environment that might not support full-automation with Certbot and Let's Encrypt. Technically it's the second post as the first was geared toward setting up key authentication between systems, something that's leveraged significantly in this series.

Read More

Speaker @ MMS

I am speaking at MMSMOA, May 4-8, 2025!

MMS Logo

Past Speaking Engagements

I was a speaker at BrainStorm K20 Wisconsin Dells, March 9-11, 2025!

Logo for BrainStorm EdTech Conference

I was a speaker at MMS Flamingo Edition, October 20-23, 2024!

MMS Flamingo Logo

I was a speaker at TCSMUG OSD Day, July 31, 2024!

Twin Cities Systems Management User Group (TCSMUG) Logo

I was a speaker at NWSCUG, July 19, 2024!

Northwest System Center User Group (NWSCUG) Logo

I was a speaker at MMSMOA, May 5-9, 2024!

MMS Logo

I was a speaker at BrainStorm K20 Wisconsin Dells, March 10-12, 2024!

Logo for BrainStorm EdTech Conference

I was a speaker at MMS Miami Beach, October 29-November 1, 2023

Image advertising MMS Miami Beach Edition