Wie viele E-Mails mt "Let's Encrypt Expiration Emails Update" soll ich eigentlich noch bekommen? #spam #letsencrypt

Warum eigentlich ist #LetsEncrypt so arschig und stellt die Zertifikats-Erinnerungs-Mails ein?
Weil teuer? Echt jetzt?

Out of habit, every time I've registered a new server with #LetsEncrypt, I've used a unique email address, which up until recently has neither been an advantage or a disadvantage. Sadly recently it's become a pretty major disadvantage, because every time LetsEncrypt send out another email announcing that they're stopping sending emails, I get fifty bloody copies of it :@

"When Let’s Encrypt, a free certificate authority, started issuing 90 day TLS certificates for websites, it was considered a bold move that helped push the ecosystem towards shorter certificate life times. Beforehand, certificate authorities normally issued certificate lifetimes lasting a year or more. With 4.0, Certbot is now supporting Let’s Encrypt’s new capability for six day certificates through ACME profiles and dynamic renewal at:

- 1/3rd of lifetime left
- 1/2 of lifetime left, if the lifetime is shorter than 10 days"

https://www.eff.org/deeplinks/2025/04/certbot-40-long-live-short-lived-certs

How to Install #PeerTube on #Ubuntu VPS

This article provides an in-depth guide demonstrating how to install PeerTube on Ubuntu VPS.
What is PeerTube?
PeerTube is a decentralized, federated video hosting platform powered by WebTorrent and ActivityPub. It enables users to self-host video services and interact with other PeerTube ...
Continued https://blog.radwebhosting.com/how-to-install-peertube-on-ubuntu-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost #letsencrypt #opensource #installguide #selfhosting #selfhosted #videostreaming #decentralized #nodejs #vpsguide #fediverse

Sounds like we’ll need a EU-based alternative to #letsencrypt:

https://thelibre.news/trump-cuts-funding-to-foss-projects/

"Trump cuts funding to FOSS projects

So far he hasn't been successful, but it might simply be a matter of time."

Much earlier than I expected.

How to Install Centmin Mod on #AlmaLinux #VPS (5 Minute Quick-Start Guide) Here's a detailed step-by-step guide on how to install Centmin Mod on AlmaLinux VPS server.
What is Centmin Mod?
Centmin Mod is a shell-based, menu-driven installer that automates the deployment of a LEMP (Linux, Nginx, MariaDB/MySQL, PHP-FPM) stack on CentOS, AlmaLinux, and Rocky Linux servers. Designed for efficiency and performance, it ...
Continued https://blog.radwebhosting.com/how-to-install-centmin-mod-on-almalinux-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost #letsencrypt #php #csf #centminmod

Random #SelfHosting tip for any who might be interested:

If you use #GetSSL to get your #LetsEncrypt certs, you'll get four files:

* The key (example.com.key)
* The domain cert (example.com.crt)
* The CA cert (chain.crt)
* The "full chain" cert (fullchain.crt)

Make sure to use the full chain cert, *not* the domain cert, when setting up your server. Otherwise some services will give you "unknown authority" errors.

How to Install Centmin Mod on #AlmaLinux #VPS Here's a detailed step-by-step guide on how to install Centmin Mod on AlmaLinux VPS server.
What is Centmin Mod?
Centmin Mod is a shell-based, menu-driven installer that automates the deployment of a LEMP (Linux, Nginx, MariaDB/MySQL, PHP-FPM) stack on CentOS, AlmaLinux, and Rocky Linux servers. Designed for efficiency and performance, it streamlines the installation and ...
Continued https://blog.radwebhosting.com/how-to-install-centmin-mod-on-almalinux-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost #php #centminmod #letsencrypt #csf

#Nextcloud auf einem #RaspberryPi ist sehr tricky, wenn man etwas verändert. Ich hatte sie jetzt einige Tage wunderbar laufen, habe nach langem Recherchieren die #Portfreigabe an der #Fritzbox geändert, um von #Letsencrypt ein SSL-Zertifikat zu bekommen - jetzt sind zwar die Ports offen, aber Zertifikat klappt trotzdem nicht und #Apache läuft auch nicht mehr. Ich steige gerade nicht mehr durch und frage mich, wieviel Zeit ich noch darauf verwenden will. jemand hier mit Erfahrungen?
#unplugtrump

Un Ordine Esecutivo di #Trump blocca i pagamenti all'#OpenTechnologyFund. Da essi dipendono servizi #FOSS critici come #FDroid, #TOR e #LetsEncrypt. Abbiamo bisogno di un impegno serio da parte dell'Unione Europea nello sviluppo di alternative FOSS prima possibile, è seriamente una questione di sicurezza molto più che di principio.
https://www.dday.it/redazione/52530/trump-fara-saltare-il-negozio-open-source-android-f-droid-e-la-rete-tor

Let's Encrypt

In https://infosec.exchange/@aral@mastodon.ar.al/114224524044750719 @aral wants us to pay taxes to keep Let's Encrypt "alive". Here's another reason NOT to do that.

Apparently the *.eu.org domain needed laundrying because it's reputation became too bad. So scammers create zillions of insane domain names and obtain *FREE* (for them) certificates for those sites. Usually such sites are not malicious; they're intended to have virusscanners remove detection, eventually for the sub-TLD ".eu.org".

To see this, you may consider opening
https://crt.sh?q=eu.org
but that will fail because there are WAY too many results.

To restrict the amount of records, try a subdomain name and further restrict output by deduplicating and restricting to not expired, as follows:

https://crt.sh/?Identity=madaline.eu.org&exclude=expired&deduplicate=Y

The screenshot below gives an idea (they're all Let's Encrypt certs by the way, and I marked one with an insane domain name).

I wrote about this phenomenon before, e.g. in https://www.security.nl/posting/781057/Let%27s+Encrypt+git_git_git___ (at the time I did not understand why yet).

VirusTotal knows of 72.5K direct subdomains of *.eu.org:

"Subdomains (72.5 K)"

(open the RELATIONS tab in https://www.virustotal.com/gui/domain/eu.org/).

@TheDutchChief @EUCommission @letsencrypt @nlnet

L'armata delle tenebre allunga la sua ombra anche su servizi fondamentali per una rete libera.

#trump #fdroid #letsencrypt #UnoLinux #UnoOpen

https://www.dday.it/redazione/52530/trump-fara-saltare-il-negozio-open-source-android-f-droid-e-la-rete-tor

»Unsicherheit – US-Kürzungsrausch gefährdet für das Internet wichtige Open-Source-Projekte:
Die neue US-Regierung entzieht dem Open Technology Fund (OTF) die Mittel. Von diesem sind unter anderem @letsencrypt, @torproject und @fdroidorg finanziell abhängig. Der OTF hat Klage eingereicht«

Sehr heikel und es petrifft, wenn auch "nur" indirekt, alle Menschen auf der Erde. Der Egoismus eines Irren kann uns alle betreffen!

https://www.derstandard.at/story/3000000263520/lets-encrypt-tor-trump-kuerzungen-gefaehrden-fuer-das-internet-wichtige-open-source-projekte