Let's Encrypt emails me to say that the certificate for https://dns.bortzmeyer.org/ expires "on 21 Jun 18 08:22 +0000" while OpenSSL tells me "Not After : Jul 22 05:25:09 2018 GMT" #confused #cybersecurity
@framasky Oui, j'ai vu. Mais n'explique pas le problème d'expiration du certificat.
@bortzmeyer are you sure the email is actually from LE? I've never gotten an email from them, even when my shit does expire.
@phessler Very good point. It was inded sent by a suspicious "from mail133-2.atl131.mandrillapp.com (mail133-2.atl131.mandrillapp.com [198.2.133.2])
" but there is a DKIM signature "d=letsencrypt.org" https://mammout.bzh/@DNSresolver/100128782930898303
@bortzmeyer @phessler Not that suspicious for me, LE uses a well known spam^Wmailing-list manager to send out the notifications.
And there are two DKIM sigs in the mail I've received (round 19-20 days before expiration).
@Keltounet @phessler OK but then why the error in the expiration date?
@bortzmeyer @phessler I don't know but I'll check when I get the next mail whether the dates are correct (from memory they were).
@phessler @bortzmeyer They do email a couple of times, starting something like 3 weeks before expiry.
@bortzmeyer Blocage du chargement du contenu mixte actif (mixed active content) « http://www.bortzmeyer.org/static/dnslg.css » sur dns.bortzmeyer.org