[Owasp-leaders] Expired SSL Certificate

Vlad Styran vlad.styran at owasp.org
Tue Jun 13 12:18:16 UTC 2017


Actually, LetsEncrypt by itself does a series of reminders of certificate expiration to the email used for issuing the cert.

Best,
Vlad

> On Jun 13, 2017, at 14:54, Ralph Durkee (OWASP) <Ralph.Durkee at owasp.org> wrote:
> 
> There's an open source Linux utility called certwatch (often installed by default) that will email a warning when an certificate is about to expire ( 30 days be default).  We should be using something like it, or an external service to issues an alert 30 days in advance. Certwatch parses the Apache  configuration file looking for certificates. Here's a sample email.
> 
> 
> ################# SSL Certificate Warning ################
> 
>   Certificate for hostname 'ssl.durkee.us', in file (or by nickname):
>      /etc/pki/tls/certs/ssl.durkee.us.crt
> 
>   The certificate needs to be renewed; this can be done
>   using the 'genkey' program.
> 
>   Browsers will not be able to correctly connect to this
>   web site using SSL until the certificate is renewed.
> 
>  ##########################################################
>                                   Generated by certwatch(1)
> -- Ralph Durkee
> On 06/10/2017 10:02 AM, Sean Auriti wrote:
>> Added to Bugheist: https://www.bugheist.com/issue/607/ <https://www.bugheist.com/issue/607/>
>> On Sat, Jun 10, 2017 at 9:22 AM Tom Brennan - OWASP <tomb at owasp.org <mailto:tomb at owasp.org>> wrote:
>> We are just raising visability for software security <grin>. 
>> 
>> Staff is aware and it is in progress item.
>> Tom Brennan
>> 
>> 
>> 
>> On Sat, Jun 10, 2017 at 7:53 AM, Ade Yoseman Putra <ade.putra at owasp.org <mailto:ade.putra at owasp.org>> wrote:
>> Yep i saw the ssl need get fix and to do fast 
>> 
>> 
>> 
>> On 10 Jun 2017 18:41, "Ahmed Abbas" <ahmed.abbas at owasp.org <mailto:ahmed.abbas at owasp.org>> wrote:
>> Hi,
>> 
>> OWASP.org SSL certificate expired yesterday and it is throwing a security warning when someone tries to visit the website. This is very bad for the public image of OWASP as an organization promoting proper security configurations. I hope this gets fixed ASAP, someone is already joking about it on Twitter.
>> 
>> Best Regards,
>> Ahmed Musaad.
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders <https://lists.owasp.org/mailman/listinfo/owasp-leaders>
>> 
>> 
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders <https://lists.owasp.org/mailman/listinfo/owasp-leaders>
>> 
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders <https://lists.owasp.org/mailman/listinfo/owasp-leaders>
>> 
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders <https://lists.owasp.org/mailman/listinfo/owasp-leaders>
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170613/d09d9c1f/attachment.html>


More information about the OWASP-Leaders mailing list