Comment by jakub_g
3 years ago
I wonder if someone didn't "forget" on purpose, so that people learn about it.
Or, someone very diligently followed the orders - there was an order to set up a cert, but there was no requirement that it has to auto-renew :)
It was claimed to have been running for 6 months so it must have renewed certs at least once - LE certs are good for 90 days.
> 6 months [...] 90 days.
So they were told to renew the certificate, but not how many times to renew it?
They were told to renew the original certificate, but weren't told to also renew the renewed one.
Shouldn't the certificate transparency logs have it?
4 replies →
Any sanely designed covert transparent proxy software will automatically stop proxying when the certificate expires.
I wonder why this didn't.