Category Archives: PKI

Ubuntu Certbot Update

Posted by ITomation

With the upcoming deprecation of TLS-SNI-01, Let’s Encrypt certificate renewals may start breaking for some clients. For more information regarding the TLS-SNI-01 ACME protocol deprecation see Bulletproof TLS Newsletter #37.   As per Let’s Encrypt’s recent notification, “It will stop working temporarily on February 13th, 2019, and permanently on March 13th, 2019”. TLS-SNI-01 validation is […]

Issue Subordinate CA Certificate from Offline Root CA

Posted by ITomation

The other day, a client was deploying a new solution and needed a subordinate (SubCA) certificate for their networking device. The device basically needed to issue its own trusted certificates to clients within the internal network. They already had an internal 2-tier Microsoft CA infrastructure in place. One offline root CA and 2 enterprise subordinate […]