monit-general
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The day I lost my job due to monit

From: SZÉPE Viktor
Subject: Re: The day I lost my job due to monit
Date: Fri, 11 Dec 2020 10:05:47 +0100
User-agent: Horde Application Framework 5 
Idézem/Quoting Werner Flamme <werner.flamme@ufz.de>:


Am 10.12.2020 um 12:53 schrieb Phil Townes:

This issue was highlighted on a number of IT news pages and blogs in the
week or two prior to the issuing CA expiring.  A decent CA should also have
made contact with their customers.

We were also bitten by this issue as well, so I now have a shell script
which checks all certificates in a chain for impending expiry.  I'm happy
to share if that would help anyone.


Sorry, I still don't get it. How can a certificate in the chain expire
before the "last" certificate (for the server) expires? That means that
a CA signs customer certificates for a longer period than their own
certificate is valid. Can this happen? I never saw this with mine. Their
validity was shortened due to the limited validity of the CA's certificate.


It is called cross-signing :) Google it!

e.g. https://scotthelme.co.uk/content/images/2019/04/image-3.png



SZÉPE Viktor, webes alkalmazás üzemeltetés / Running your application
https://github.com/szepeviktor/debian-server-tools/blob/master/CV.md
~~~
ügyelet 🌶️ hotline: +36-20-4242498  sms@szepe.net  skype: szepe.viktor
Budapest, III. kerület

Attachment: smime.p7s
Description: S/MIME Signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]