[kwlug-disc] Incorrect Let's Encrypt expiry notices
Ronald Barnes
ron at ronaldbarnes.ca
Sun Nov 5 19:52:30 EST 2017
Keefer Rourke wrote on 2017-11-05 04:46 PM:
> When you renew a cert with Let's Encrypt, the "old" cert is still
> considered valid (i.e. if you were to copy the cert to a different
> system before renewing, you would be able to continue to use it after
> renewing the master copy afaik, since renewal does not also invalidate
> certs). As such, LE will continue to pester you about renewal even if
> you have already done so.
Ouch.
So, certificate pinning won't work with LE certs if I understand that
correctly?
Thanks,
r b
More information about the kwlug-disc
mailing list