SSLv2 shouldn't be running in the first place anymore. Ref: SSL Labs Documentation

@JaredBusch said:

Here you go @scottalanmiller. Add a sub domain to handle the Websockets.

https://community.nodebb.org/topic/7930/using-cloudflare-with-nodebb

Thanks. That's been mentioned a few times over there but a how-to has been missing and when I'd asked about it the topics all went silent. Will look into this.

@travisdh1 said in Setting up LetsEncrypt on a CentOS 7 NginX proxy:

@JaredBusch said in Setting up LetsEncrypt on a CentOS 7 NginX proxy:

@aaronstuder said in Setting up LetsEncrypt on a CentOS 7 NginX proxy:

Any updates to this?

Use Certbot never this method. keep your life simpler.

Yeah. If the old way is working, that should keep working. However, certbot is easier to use.

When my system came up for renew after certbot was out, I installed certbot and renewed that way. everything is in the same pace. nothing had to be changed in the config files.

@Dashrender said:

@MattSpeller Hmmm.. wonder if that's true?
trax.x10.mx/apps.html

This tool will scan your local certificate repository and tell if you there is anything odd or unexpected in the repository.

Also, do the Latitudes come with this Dell support software like the consumer models?

I think it's available through "Dell digital software delivery" as an option. We just got in 3 new 6440s so I'll check.

Basically, I'm asking, why would Dell get a pass assuming their business line wasn't effected, if Leveno doesn't get one for the same reason?

FWIW I would begin to look at HP (and have, but not seriously), except for the fact that we're tied to Dell for the next 3 years no matter what.

@Dashrender said:

@JaredBusch said:

@Dashrender said:

Does Let's Encrypt give SAN certs? I was under the impression that it's for single one off type situations where people don't have the cash to purchase their own cert, most likely being used by someone self hosting (or single site/server hosting).

If it is free, there is no reason not to get 4 or 5 certs instead of a SAN for most things.

Stupid question time (cause I don't know) can you install multiple certs on the same server?

I don't know about apache, but with NGINX each virtual host can have it's own.

SSL and TLS protect people from spying on an existing communications channel, but does nothing to protect the end points. It's just a service that has to respond to any incoming request.

We get from rapidssl https://www.rapidssl.com/ (single domain- $49, wild card $199) or network solutions

This is the HTTPS plugin.

wtf3

@JaredBusch said:

@Dashrender said:

Can't you still install CPanel yourself?

Why? What is the benefit / point?

Ease of use and documentation galore

Not that I am aware of. It all functions. NobeBB runs theirs on https with an Nginx proxy also.

@thecreativeone91 said:

@scottalanmiller said:

@thecreativeone91 said:

So how does a site get an SSL without knowing? "CT’s intent is to prevent CAs from issuing public key certificates for a domain without the domain owner’s knowledge." I assume that means if the site is hacked.

No, it does not mean that it has been hacked. This is really easy to do. I'm not sure at what stage you think that there is a verification for this currently but generally there is nothing.

But it has to be used at the domain it's issued for or else it will throw a mismatch error.. Unless it's a whild card cert..

That's a completely different piece of security. If you hijack DNS you completely bypass it.