Did some testing this morning on the new certs and realised that things were not working in firefox and at one point I think I saw an erro in chrome! Problem was fire fox needed both www and non www versions of the site name. Re issuing the cert sorted this in no time!
This is how the process worked out…!
sudo certbot --nginx Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator nginx, Installer nginx No names were found in your configuration files. Please enter in your domain name(s) (comma and/or space separated) (Enter 'c' to cancel): www.gingercatsoftware.com gingercatsoftware.com
Quick shout out to letsencrypt and cerbot2 . Amazing open source free applications that are keeping the web safe for everyone! I’ve just renewed my site certs and it was surprisingly easy, free and fast. If your like me and have a non critical site but care about security check them out and even consider a donation.
Just a quick shout out …. So one of the things that is some times talked about is the problem of the “non heterogeneous” or homogenous networking environment. The illusion that choosing the market dominant product (because everyone else buys it) is the right thing to do …. Anyhow it seems that Cisco is in a bit of bother due to its some what hated buggy protocol CDP. If your a cisco nerd and haven’t caught up on this it might be time to do a bit of serious patching!
Don’t use a pass word! Use a pass phrase . Twelve or more letters, the odd number and lower and upper case letters, make it something you can remember but long and easy for you to remember is the most important thing.
For example I like dogs, bentley cars and pingpong I might write a sticky note that says *_* Fave animal Fave car Fave sport
and the pass phrase might look like
This is a good pass phrase But think of it like this
There are 62 possibilities for each character, and 16 characters. This translates to 62^16 (47672401706823533450263330816) trials worse case, or half of that on average. If the attacker can do a billion trials per second, that means 47672401706823533450 seconds, which is about 1511681941489 years. I think that’s pretty good protection. You could even chop off a few characters and still feel pretty safe.
Probably best not to put your exact pass phrase in this (just in case some one nasty sniffs if across the net work or the interweb) but have a play with this site it’s fun and gets the point home.
The other thing is don’t use the same pass phrase for all accounts! What you might say do I have to remember lots of pass phrases? Well the next thing to do is start using the keychain, but I’ll talk more about this in another exciting episode!