user@linuxtrack:~ $ python -c 'print("Soyez les bienvenus !")'

Vous n'êtes pas identifié(e).

Pages : 1

#1 04-08-2015 17:19:52

azgarech
Crazy one

Des certificats gratuits pour vos sites

Voilà les infos:

Site officiel: https://letsencrypt.org/

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. Let’s Encrypt is a service provided by the Internet Security Research Group (ISRG).

The key principles behind Let’s Encrypt are:

    Free: Anyone who owns a domain name can use Let’s Encrypt to obtain a trusted certificate at zero cost.
    Automatic: Software running on a web server can interact with Let’s Encrypt to painlessly obtain a certificate, securely configure it for use, and automatically take care of renewal.
    Secure: Let’s Encrypt will serve as a platform for advancing TLS security best practices, both on the CA side and by helping site operators properly secure their servers.
    Transparent: All certificates issued or revoked will be publicly recorded and available for anyone to inspect.
    Open: The automatic issuance and renewal protocol will be published as an open standard that others can adopt.
    Cooperative: Much like the underlying Internet protocols themselves, Let’s Encrypt is a joint effort to benefit the community, beyond the control of any one organization.

Technical Advisory Board (TAB)

Our TAB consists of technical experts from major supporting organizations, as well as independent experts with strong CA/PKI industry experience.

    Rich Salz (Akamai)
    Joe Hildebrand (Cisco)
    Jacob Hoffman-Andrews (Electronic Frontier Foundation)
    J.C. Jones (Mozilla)
    Russ Housley (Independent)
    Ryan Hurst (Independent)

La release est annoncé pour Septembre prochain mais le client pour générer les certificats est déjà disponible ici ==> https://letsencrypt.readthedocs.org/en/ … uick-start

Bonne découverte  big_smile

Note: until the real certificates are issued in September 2015, the "happy hacker" Root CA is being issued in place of the intermediate certificate.

Note: generally speaking the order of concatonated certificates should be most-specific (least authoritative) to least-specific (most authoritative) - such as [cert, intermediate, root] and not [root, intermediate, cert]. This improves compatibility with some servers.

Note: I've seen some servers that like cat cert.pem privkey.pem > server.pem and some that do not like the Root CA to be in the chain or fullchain.

Dernière modification par azgarech (04-08-2015 17:58:47)

Security is always excessive until it’s not enough. — Robbie Sinclair

Hors ligne

#2 27-10-2015 14:24:03

Edward Cryptickiller
Membre

Re : Des certificats gratuits pour vos sites

C'est bon. Ils ont été trusté la semaine dernière je crois. (ou un peu avant)

Mon wiki: https://github.com/edcryptickiller/wiki/wiki
QTox ID: DC13B169A1EB023449E5AB6D3314F3B5EF04E03B1D3F0B0AF7500B94A2AC8114C5E03B44D45E
Public PGP key: http://pastebin.com/NpZkwK2n
Email: edcryptickiller@tutanota.com

Hors ligne

#3 27-10-2015 15:07:54

azgarech
Crazy one

Re : Des certificats gratuits pour vos sites

Je vais tester ce soir pour voir ce qu'il en est.
Je vous tiens au jus

Security is always excessive until it’s not enough. — Robbie Sinclair

Hors ligne

Pages : 1

Pied de page des forums

Propulsé par FluxBB