>not using let's encrypt in 2017

>>61519897
I just sign my own certs.

>needing a third party for ensure your cert is secure
Sounds like jewery to me.

>>61519993
>He fell for the Self-Signed Certificate Meme

>implying certs mean jack shit

File: 192.168.1.1.png (15KB, 403x234px) Image search: [Google]

15KB, 403x234px

how can i get let's encrypt certificate for my router

File: santania render+bgx80.png (12KB, 81x78px) Image search: [Google]

12KB, 81x78px

>>61519897
not running a vpn on port 443 so you can avoid 99% of filters.
yeah because of this my website has no SSL certificate.

>>61519897
I literally just set it up on my raspberry, where I host my own blog.
Thanks for the reminder, OP!
Thought this might be more difficult, but literally just took seconds

>>61522347
c-can i visit your blog to get ideas for my own?

>>61522461
It has literally no content atm. Just set it up brand new lel.
https://1byte.club/

PS: When I bought that domain I thought it is a cool name for 9€/year, but now I hate it and maybe should get a new one, kek.

>>61522347
>>61522461
>>61522541
samefag

File: firefox_2017-07-23_12-30-46.png (2KB, 273x91px) Image search: [Google]

2KB, 273x91px

>>61522592
sure

>>61522541
what are you using to power the blog? I'm gonna setup a simple personal professional site similar to yours soon.

File: Bildschirmfoto vom 2017-07-23 17-32-27.png (9KB, 351x125px) Image search: [Google]

9KB, 351x125px

>>61522592
thanks

>>61522541
>https://www.ssllabs.com/ssltest/analyze.html?d=1byte.club
>only A rating
>not A+

File: 2017-07-23-103346_1600x900_scrot.png (158KB, 1600x900px) Image search: [Google]

158KB, 1600x900px

>>61522592
You got me

>>61522607
>>61522629
samefagging this hard

>>61522135
do you have an actual domain for your router?

>>61519993
> implying that browsers would let anybody else to visit your website

File: like_fucking_clockwork.png (33KB, 1137x702px) Image search: [Google]

33KB, 1137x702px

>dev website doesn't have valid HTTPS cert
>check out why
>it's hosted on github pages
STOP USING CUSTOM DOMAINS WITH GITHUB PAGES
FUCK

File: kek.png (66KB, 699x611px) Image search: [Google]

66KB, 699x611px

>>61522626
>>61522784
hehe a screenshot of my post which I cant post lel

>>61522743
echo '1?92.16?8.?1.1 ayy.lmao' >?> /e?tc/?hosts

>>61522827
are you mentally retarded?

>>61522135
well, you need to have a domain registered to you first so that there is something to put on the certificate.

>>61522827
>the stupidity of humanity never ceases to astound me.jpg

>>61522645
why

>>61519897
You don't need encryption, what are you trying to hide?

>>61522827
If this isn't a joke, let me explain why you're an idiot.

Let's encrypt CA cert is included in major certificate stores because of the fact that they're domain validated. This means you must have a signed message available on port 80, which is verified to sign the certificate for your domain. This prevents me from requesting something like *.google.com. If I could sign any domain with a CA issued in major certificate stores, I could EASILY steal everyone's shit without complaint of an invalid certificate from a victim's browser.

Why are you on this board?

>>61522992
my cheesepizza collection. Don't you have one?

>>61519897
i use let's encrypt for 30+ servers running 45+ apps at my dayjob. Whenever we boot up a new server and run the ansible playbook, it automatically generates the certs we need and sets up automatic renewal. It's honestly a lifesaver.

Pro tip: If you're using `certbot` to auto-renew your certs, remember to add a post hook to reload nginx config. nginx stores the cert in memory, so even if you update the cert it will be using the old one until you reload nginx config.

I auto-renew all certs once per week, as it won't try and renew unless the cert needs it, so doing it once per week/per day is fine.

>>61523144
End to end encryption allows terrorists to communicate without letting law enforcement know about it, western civilization is at risk.

>>61523296
Western civilisation is threatened by a bunch of sandniggers with homemade explosives but not the might of a fully industrialised hyper-powerful military police state.

>>61523331
They're communicating via milItary technology like encryption.

Good news everyone, lets encrypt will accept wildcard certificates january 2018
https://letsencrypt.org/2017/07/06/wildcard-certificates-coming-jan-2018.html

This should probably be posted in the stupid questions thread but h-here I go:

Does https:\\ matter in an internal network?
Is there a downside in accessing the router, switch, nas, shared folders over non ssl inside the home network?

>>61523507
How much does it matter to you if someone can packet sniff over that connection? If you're the only person who uses the network, it might not be necessary.

>>61523507
nah

Cloudflare HSTS Full Strict with Let's encrypt

Takes 2 minutes to setup

File: dad.jpg (52KB, 465x498px) Image search: [Google]

52KB, 465x498px

>>61522283
nigger, have you never heard of a multiplexer?

sslh allows me to run SSH, HTTPS, VPN, etc all transparently through 443.

>>61519897
>let's encrypt
More like let's backdoor lmao

I use a self signed cert for my qBittorrent WebUI

>>61523627
you using NoIP for it or do you have static IP?

>>61523673
Neither actually. My IP doesn't change unless I manually change the routers MAC address

>>61519993
without an authority, how can I be sure that the signer was indeed you?

>>61523692
that's weird, on one side it's good for connecting to stuff at home when you're away but you have to manually change it whenever you get banned here

>>61523724
>>61523696
>>61523692
>>61523673
>>61523627

i wish IT nerds like you people would leave here and never come back.

>>61523746
>/pol/nigger

SSL certs where mistake.
Fuck the 3rd party signing.
HTTPS by the browsers has been implemented so poorly(giving huge warning if the cert is not signed by trusted provider) that it's just easier to not use SSL at all.

I do use it. It's actually quite convenient because you need SSL for HTTP 2.0 memes.

>>61523746
Err, what? What have I done to offend thee.

>>61523766
i dont go to /pol/. i'm talking about the fact that this thread could actually be about a piece of useful technology, but once again it turns into a dick measuring contest between a bunch of you dweebs about your lame little torrent setups, as if anyone gives a shit. this whole board is just about fucking "which brand to buy" and "how to use software" and it's just depressing. you people are the fake nerds of /g/.

>>61523796
you don't know what you're talking about

File: jew cloud.jpg (175KB, 1920x1440px) Image search: [Google]

175KB, 1920x1440px

>>61519897
i hate that feature. they keep making ignoring it harder every year. its almost like the certificate jews own web browsers

>>61523864
>you people are the fake nerds of /g/.
>wah muh sekrit klub
suck a dick faggot
why don't you go yell at the consumer drones at the graphic cards threads instead, pussy

>>61523864
Oh fuck you're right, I'll go make an iphone thread to make up for this sin right now.

File: Screen Shot 2017-07-23 at 18.31.02.png (897KB, 1306x1084px) Image search: [Google]

897KB, 1306x1084px

>>61523796
>how this guy thinks SSL should work
pic related

>>61524043
t. NSA

>>61524043
but certs are free now. thats kind of the whole point of this thread.

>>61524374
there should be a setting that disables the warning if the user wants that.

>>61524043
this. the jew shills are so obvious, especially with retardedniggershit like hsts. these fags are cucked hard

>>61519897
How the fuck do I get past this?
I don't give a fuck about security I just want to look at the wiki.
Can't find shit on google that works.

>>61526962
just click advanced and add exception and confirm 9000 times

>>61527030
there is nothing like that in either waterfox or iridium
i just click advanced and it tells me that its expired today at 8:30 and the Error code: SEC_ERROR_EXPIRED_CERTIFICATE

>>61527075
seriously is there no about:config flag that would let me just get rid of this annoying shit?

>>61527109
please help

okay iridium works if you use --ignore-certificate-errors flag
anything for firefox?

if you think encryption for the net is lacking, you must be surprise to know that there is not many encrypted text editors

>be me
>looking to start writing a journal on my pc
>cant find a journal app / text editor that will encrypt my shit
>those that have, wants money

fuck this shit, i'm just gonna write with a pen and paper and then burn it afterward like a savage

>>61527321
http://www.andromeda.com/people/ddyer/notepad/NotepadCrypt.html

>Someone mishandles their stuff and forgets to update the cert.
>Somehow provider's fault.

>>61527321
have a virtual encrypted drive, write any file you want to it, then unmount it when you're done. Free and not limited to text documents

>>61519993
This

>>61522761
Sure they do, just add my CA or whitelist my cert.

>>61519897
Enjoy your botnet

>>61523796
The whole point of the 3rd party signing is to ensure the certificate you receive is the legitimate certificate that was issued to the site.

Without 3rd party signing any Joe could MITM between you and a site, he just has to supply your browser with any old cert.

But it was also a mistake in that signing companies charged a substantial amount for basically nothing.

>>61523349
>Prime numbers are military grade
Holy shit, go back to the dark ages you fucking Neanderthal

>>61523349
>being this retarded
next you're going to tell me a porn license protects me from the evil jews

>>61528511

please talk english, i am too monkey to read this