ssl – Bram.us

FIX: The provider “cPanel (powered by Sectigo)” cannot currently accept incoming requests. The system will try again later.

Sectigo can’t handle the load. This is how you work around it.

Getting correctly signed SSL Certificates for cPanel/WHM Services

Back in the day I set up a few VPSes with WHM/cPanel on to host some sites. As back then the certificates for the cPanel services (FTPD, SMTP, WHM, …) were self-signed and Let’s Encrypt was still in its early days, I also ordered a wildcard certificate for *.3rds.be along with that and configured WHM …

Continue reading “Getting correctly signed SSL Certificates for cPanel/WHM Services”

Read Post →

Get HTTPS working on localhost, with green padlock

In On “Secure Contexts” in Firefox, HTTPS for local development, and a potential nice gesture by Chrome I said: One of the things that’s still not really frictionless for your local development domains is the use of certificates. To circumvent the use of self-signed certificates I explained in said article how I have a dedicated …

Continue reading “Get HTTPS working on localhost, with green padlock”

Read Post →

On “Secure Contexts” in Firefox, HTTPS for local development, and a potential nice gesture by Chrome

👋 This post also got published on Medium. If you like it, please give it some love a clap over there. Earlier today, in a post entitled Secure Contexts Everywhere, it was announced on the Mozilla Security Blog that Firefox from now on will only expose new features such as new CSS properties to secure …

Continue reading “On “Secure Contexts” in Firefox, HTTPS for local development, and a potential nice gesture by Chrome”

Read Post →

(Laravel) Uptime Monitor

Today Freek from spatie released a new package: Laravel-uptime-monitor is a powerful, easy to configure uptime monitor. It will notify you when your site is down (and when it comes back up). You can also be notified a few days before an SSL certificate on one of your sites expires. Under the hood, the package …

Continue reading “(Laravel) Uptime Monitor”

Read Post →

Validating SSL certificates with PHP

Great stuff again by Freek Murze from Spatie: A PHP class to easily check the validity of an SSL Certificate. Easily? Yes, easily: $certificate = SslCertificate::createForHostName(‘spatie.be’); $certificate->getIssuer(); // returns “Let’s Encrypt Authority X3” $certificate->isValid(); // returns true if the certificate is currently valid $certificate->isValid(domain.com); // returns true if the certificate is currently valid for the …

Continue reading “Validating SSL certificates with PHP”

Read Post →

UpGuard Web Scan

The UpGuard external cyber audit uses publicly available information to grade your cyber risk posture. External scans are convenient and non-invasive but require an internal scan to assess the majority of risk factors. Checks for thinks like SPF records and stuff. UpGuard Web Scan →

Read Post →

Diff two certificate files with certdiff

If you’ve ever had to handle certificates, it can sometimes – especially when renewing them – become confusing to know which certificate is which. Enter certdiff, a handy diff tool for certificates, by Mattias Geniar: $ ./certdiff cronweekly.com/cert.pem sysca.st/cert.pem subject= /CN=cronweekly.com | subject= /CN=sysca.st issuer= /C=US/O=Let’s Encrypt/CN=Let’s Encrypt Authority issuer= /C=US/O=Let’s Encrypt/CN=Let’s Encrypt Authority notBefore=Feb …

Continue reading “Diff two certificate files with certdiff”

Read Post →

Migrating your WordPress website from HTTP to HTTPS

In light of #https2015 I flipped the switch on bram.us earlier today: from today forth bram.us is only accessible over HTTPS. If you run a news site, or any site at all, we’d like to issue a friendly challenge to you. Make a commitment to have your site fully on HTTPS by the end of …

Continue reading “Migrating your WordPress website from HTTP to HTTPS”

Read Post →

HTTPS Everywhere

(That’s a presentation embedded above. Video also available)

Read Post →