Webevaluation wiki

User Tools

Site Tools

Trace: certificates
certificates

Table of Contents

If you want to send us your comments, please do so. Thanks
More on comments

Certificates

On crt.sh certificates can be checked

Certificate authorities

The seven most used are:

NamePercentageRemark
Let’s Encrypt46.52
DigiCert22,19
Sectigo11,89
Google Trust Services8,88
GoDaddy5,77
Microsoft3,45
InenTrust0,63

It might be save to say, all other certificate authorities can safely be removed from the OS and / or the web browser's certificate store without a big risk of encountering an issue. That makes the web safer for the user

Coming up, the EU with article 45 in the eIDAS 2.0 legislation which grants the EU full access to all Internet traffic if adopted. The Internet will not be safe from that point on wards, if adopted.

Let's encrypt

lencr.org is a domain name owned by Let’s Encrypt

on DirectAdmin

  • Login on DirectAdmin
  • Click on “SSL Certificates”
  • In the fist column, turn on the 2e bullet
  • Turn on “Free & automatic certificate from Let’s Encrypt”
  • Enter an valid e-mail address
  • Turn on all the selectionmarks below “Selected Entries: [a number] Maximum requests per week: [an other number]
  • Click on the bottom of the page on the “Save” button
  • Check the output. On the bottom of the page it should say “Certificate for 3wb.nl has been created successfully!”
  • Click on the top left of the page on the “Home” icon
  • Click on “Domain Setup”
  • Click on the domain domain whit the letters in a bold font
  • Turn on the checkmark of “Use a symbolic link from private_html to public_html – allows for same data in http and https”
  • Click on “Save”
  • Update the configurationfiles of the website to make them work with the https connection if applicable

CLI: Check certificates

echo | openssl s_client -showcerts -servername somedomain.nl -connect somedomain.nl:443 2>/dev/null | openssl x509 -inform pem -noout -text | less

Errors

openssl pkcs12 -export -out name.cert.p12 -inkey name.key.pem -in name.cert.pem
Enter pass phrase for name.key.pem:
Enter Export Password:
Verifying - Enter Export Password:
Verify failure
Can't read Password
40474ADD457F0000:error:1400006B:UI routines:UI_process:processing error:../crypto/ui/ui_lib.c:548:while reading strings

Solution: The passwords did not match. Enter the passwords again.

Main subjects on this wiki: Linux, Debian, HTML, Microcontrollers, Privacy

RSS
Disclaimer
Privacy statement
Bugs statement
Cookies
Copyright © : 2014 - 2024 Webevaluation.nl and the authors
Changes reserved.

This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.More information about cookies
certificates.txt · Last modified: 20-01-2024 14:41 by wim