Categories
Geek

DigiCert SHA-1 Sunset Tool: Find & Replace SHA-1 Certificates

With very little effort I replaced my existing SSL cert which was SHA-1 based with a SHA-256 version for free. The SHA-1 Sunset Tool makes it easy to find all of your SHA-1 certificates. Enter your domain name to find affected certificates and upgrade to SHA-256 with a free DigiCert certificate. via DigiCert SHA-1 Sunset […]

Categories
Geek

Fixing my SSL based shortlinks

If you look at the HTML source for this NGINX post I wrote you’ll find this code. Which was inserted when I published the post via Jetpack. Shortlinks are cool. But if you use curl -LI on that wp.me URL you see that it goes http -> http -> https which irks me. I like […]

Categories
Geek Software

I may have broken my Feedburner feed

After I converted my WordPress install to 100% SSL I noticed that my own feeds in Tiny Tiny RSS were not updating. Years ago I forwarded my RSS feeds to Feedburner and 301 redirects from https://blog.dembowski.net/feed/ https wasn’t working. I can’t even remember why I used Feedburner. I’m pretty sure I turned it on in […]

Categories
Geek

Better SSL with mod_substitute

Renewing my SSL certificates was on my to do list for months and today I’m at home recuperating from a fever that kept me up all night. Since my web server is now patched it is a good time to get new SSL certificates. So I contacted StartSSL and did the deed. WordPress and SSL has always […]

Categories
Cool Geek

Now validated with StartSSL

So while I was putzing around with my SSL sites and getting some grief with mod_gnutls, I realized that my life really would be much easier with a valid wildcard SSL cert. So naturally I went to StartSSL and went through the process for a Class 2 Validation. I had meant to do it for […]

Categories
Geek

StartSSL and Nginx

I converted this blog from Apache2 to Nginx but forgot a step for SSL. With Apache2 to correctly install the SSL cert, you need to include in your config ca.pem and sub.class1.server.ca.pem. See here for more information. I didn’t realize I had a problem until I pointed my iPhone at my SSL enabled web site. […]

Categories
Geek

SSL certs for free and not self signed?

I may have been under a rock lately. I saw on Reddit that Microsoft Internet Explorer 8 supported StartSSL certificates. So as a goof I signed up at https://www.startssl.com/ and applied for a free server certificate. I generated via their web page a certificate for blog.dembowski.net, installed it on my apache server and started using […]

Categories
Geek Software

Importing self-signed SSL certs into Vista

I use SSL on my web servers for privacy and not authentication. Since it is my own use I don’t care if it’s from Verisign or Thawte. Also why shell out cash for the certificate when a self signed certificate will do just fine? Internet Explorer used to permit you to install web server certificates […]

Categories
Software

WordPress SSL Admin plugin (patched)

A while back Wordpress.com released a plugin which protected your login with SSL. Normally when you administer a Wordpress blog, it’s done via http. The plugin was originally released for the Wordpres…