With DNS-PERSIST-01, Let’s Encrypt users can validate their domains without having to update DNS records every time they issue or renew a certificate.
https://linuxiac.com/lets-encrypt-introduces-dns-persist-01-for-persistent-acme-dns-validation/

#letsencrypt #certificates #security

ZeroSSL a kind request, supporting DNS-PERSIST-01 validation method would be just awesome! - Thanks

#ZeroSSL #EuropeanAlternatives #TLS #Validation #Certificates #LetsEncrypt

#Development #Announcements
DNS-PERSIST-01 · A new model for DNS-based challenge validation https://ilo.im/16aqtz

_____
#CA #Certificates #Wildcards #Validation #DNS #HTTPS #Server #WebDev #Backend

Problems with importing Firewall CA Certificate #2204 #vpn #ssl #certificates #github

https://askubuntu.com/q/1564035/612

Do you hate #passwords as much as I do?
Can't we have public key #authentication everywhere? Like in my #email client?

Yes we can! Without #authkeys!

Because #TLS supports not just #server side #certificates , but also the client can be verified.

My #Dovecot now logs me in without a password :D I just need to possess a valid (unlocked) private key. The secret never crosses the network.

Next step: make sure the decrypted key is never written to #swap .

#networking #security

How to Easily Secure A Website | https://techygeekshome.info/how-to-easily-secure-a-website/?fsp_sid=30761 | #Certificates #security #SSL 
https://techygeekshome.info/how-to-easily-secure-a-website/?fsp_sid=30761

How to Easily Secure A Website | https://techygeekshome.info/how-to-easily-secure-a-website/?fsp_sid=30760 | #Certificates #security #SSL 
https://techygeekshome.info/how-to-easily-secure-a-website/?fsp_sid=30760

I use #ACME DNS01 got get #certificates for my internal servers. This works nicely and I don't have to worry about installing my own #CA certificate in every device, workstation and server.
It has the drawback of everyone on the internet knows which servers I have on my domain.
Can I use ACME to get an intermediate certificate, that I can use for e.g. subdomain locally?

#mwgic #2026 #Windows #SecureBoot #Cybersecurity #Certificates

Microsoft warns Secure Boot certificates will expire in 2026 | Windows Central https://share.google/63ykWQCfLIUIduB0G

Still using #windows10 ?

Yet another reason to ensure your device is enrolled in the #microsoft #esu (Extended Security Updates) program.

#secureboot #certificates #uef

https://www.theverge.com/tech/876336/microsoft-windows-secure-boot-certificate-renewal?view_token=eyJhbGciOiJIUzI1NiJ9.eyJpZCI6Ing0VVlEUWkxREEiLCJwIjoiL3RlY2gvODc2MzM2L21pY3Jvc29mdC13aW5kb3dzLXNlY3VyZS1ib290LWNlcnRpZmljYXRlLXJlbmV3YWwiLCJleHAiOjE3NzExOTc3NTMsImlhdCI6MTc3MDc2NTc1M30.Tpkt4A5t67ohbXFyaDa2Uk_y-kkTnDgrpNlowglnGrc&utm_medium=gift-link

#Certification #Certifications #Certificate #Certificates #Certified #Bureaucracy #Paperwork.

#Meme #Memes #Humour #Humor

#Linux #Win10 #SecureBoot #UEFI #Certificates

TL/DR
Does Linux have a fix/mitigation of this expiring cert issue?

Full post:

So an important/critical firmware level certificate from Microsoft is expiring in June - which will leave Win10 users even more vulnerable to malware.

And this article utterly fails to even *mention* linux.

Some googling indicates Linux in general depends on the Microsoft certificates for Secureboot/UEFI compatibility.

As a software dev of 30 years I'm technical enough to be comfortable in the innards and configs of stuff, but not terribly well versed in Linux under the hood.

https://www.pcmag.com/news/upgrade-now-microsoft-issues-security-warning-to-those-still-on-windows

Here's how you regenerate the ESX self-signed certificate and extra info about rhttpproxy the Envoy reverse proxy ESX uses.

https://thedxt.ca/2026/02/esx-regenerate-self-signed-certificate/

#ESX #VMware #certificates #vExpert #Broadcom

Apple has just released security updates for Catalina and Big Sur

https://fed.brid.gy/r/https://eclecticlight.co/2026/02/02/apple-has-just-released-security-updates-for-catalina-and-big-sur/

DANE is interesting
Checking out mails servers and saw a test for DANE. Time to learn something new? DANE = DNS-based Authentication of Named Entities. Poorly supported in end clients, but I'm liking the ideas presented for verifying what CA is supposed to be the issuing CA. A cross check. May also be useful for self-signed certs. Gonna have to play. https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities #certificates #dane #ssl #tls

#Apple Patches Old Versions of #iOS to Keep #iMessage and #FaceTime Running

Apple is renewing #certificates for iOS versions dating back to 2013 to keep the lights on a little longer.
#security

https://www.wired.com/story/apple-patches-older-ios-versions-to-keep-imessage-facetime-working/

According to a survey conducted by the opinion‑polling institute Forsa, German citizens overwhelmingly want to keep the telephone sickness‑certification system... https://news.osna.fm/?p=31957 | #news #certificates #chancellors #criticism #despite

6-day and IP Address Certificates are Generally Available

https://letsencrypt.org/2026/01/15/6day-and-ip-general-availability

#letsencrypt #security #tls #certificates

Can you still run old App Store apps?

https://fed.brid.gy/r/https://eclecticlight.co/2026/01/22/can-you-still-run-old-app-store-apps/

Is that signing certificate still valid?

https://fed.brid.gy/r/https://eclecticlight.co/2026/01/20/is-that-signing-certificate-still-valid/