Saturday, April 18, 2015

SHA2 certificate now online

While it wasn't actually time for a renewal of my rachelbythebay.com certificate, it turns out that having a SHA1 signature was a recipe for trouble. Various folks have decided their browsers will no longer trust SHA1-signed certificates, and they are showing it in increasingly nasty ways, so it's time to move on.

Given that I am currently tearing everything up in order to move to a new server, what's one more item of yak shaving sysadmin work?

The result: as of right now as this post goes live, you can hit this site over IPv6, with TLS 1.2, and with a certificate that has a SHA2 signature.

If you run an HTTPS web site, you'd better figure this out quickly. If you have HTTPS clients, particularly embedded hardware (PS3, I'm looking at you), you'd better make sure they can handle these new certs. Otherwise, it's going to be a real mess out there as the world re-adjusts.

What's next in terms of sysadmin stuff this year? Leap second, you say?