Login

Recent searches

No recent searches

Search options

Only available when logged in.
mastodon.ar.al is one of the many independent Mastodon servers you can use to participate in the fediverse.
This is my personal fediverse server.

Administered by:

Server stats:

1
active users

mastodon.ar.al: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.6

Aral Balkan

So I guess Let’s Encrypt has decided what I’ll be working on today then…

letsencrypt.org/2024/12/05/end

(They’re ending OCSP stapling support. I’ll be updating Auto Encrypt¹ to remove OCSP support and then update @small-tech/https, which uses it, along with Auto Encrypt Localhost² to provide seamless TLS support regardless of whether you’re working in development or in production, and then update Site.js³ – deprecated but still used to serve some of our own sites at Small Technology Foundation⁴ – and Kitten⁵, with the latest @small-tech/https.)

¹ codeberg.org/small-tech/auto-e
² codeberg.org/small-tech/auto-e
³ codeberg.org/small-tech/https
small-tech.org
kitten.small-web.org

letsencrypt.orgEnding OCSP Support in 2025Earlier this year we announced our intent to provide certificate revocation information exclusively via Certificate Revocation Lists (CRLs), ending support for providing certificate revocation information via the Online Certificate Status Protocol (OCSP). Today we are providing a timeline for ending OCSP services: January 30, 2025 OCSP Must-Staple requests will fail, unless the requesting account has previously issued a certificate containing the OCSP Must Staple extension May 7, 2025 Prior to this date we will have added CRL URLs to certificates On this date we will drop OCSP URLs from certificates On this date all requests including the OCSP Must Staple extension will fail August 6, 2025 On this date we will turn off our OCSP responders Additionally, a very small percentage of our subscribers request certificates with the OCSP Must Staple Extension.
#SmallWeb#SmallTech#TLS
Feb 04, 2025, 11:37 AM·Public·Mona for Mac
3boosts·7favorites
Public
PSY5 📚🎼☸️🌱💻

@aral Also with expiration notifications, look their last email:

"We’re writing to inform you that we intend to discontinue sending expiration notification emails. You can learn more in this blog post. You will receive this reminder email again in the coming months:"

letsencrypt.org/2025/01/22/End

😩

letsencrypt.orgEnding Support for Expiration Notification EmailsSince its inception, Let’s Encrypt has been sending expiration notification emails to subscribers that have provided an email address to us. We will be ending this service on June 4, 2025. The decision to end this service is the result of the following factors: Over the past 10 years more and more of our subscribers have been able to put reliable automation into place for certificate renewal. Providing expiration notification emails means that we have to retain millions of email addresses connected to issuance records.
Public
Aral Balkan

@psy5 To be fair, I can’ imagine using Let’s Encrypt in a non-automated way. I’ve never even subscribed to such emails (and Auto Encrypt creates accounts without email addresses as they’ve never been required.)

Public
PSY5 📚🎼☸️🌱💻

@aral In environments like Plesk panel with multiples customer Webs with free Let's Encrypt SSLs, the notifications can help to maintain and renew the certificates.
I'm sure, how you are saying, that the best way is have an automated tool or script.

ExploreLive feeds
About