home.social

#ssl — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #ssl, aggregated by home.social.

  1. nginx + ssl production config — on 4grab.com security headers, rate limiting, reverse proxy, HTTPS setup. copy-paste configs that actually work in production. https://4grab.com/pay.php?id=ptag_69c4361231092 #prompt #nginx #ssl #devops

  5. TLSS, or a portable PKI service in your pocket

    Today I would like to talk about a small project that has been going on for, no more and no less, about two years. I called it TLSS, or TLS Service: a pocket PKI service.

    habr.com/ru/articles/1033704/

    #tls #pki #ssl #сертификаты #ssh

  7. 🛑 #LetsEncrypt will stop issuing certificates for .onion domains 🌐

    This decision responds to changes in the CA/Browser Forum's rules and will directly affect the #security of many services on the #Tor network. A relevant change for #privacy on the network. 🔐

    All the info here: blog.elhacker.net/2026/05/lets

    #Ciberseguretat #SSL #TLS #Onion #Internet #Privadesa #Tech #Web #Actualitat

  9. Goodbye #letsencrypt? At least for now.

    "We have been made aware of a potential incident and are shutting down all issuance."

    letsencrypt.status.io/

    E: Let's Encrypt has resumed issuance.

    "Due to an issue with the cross-signed certificate from our Generation X root to our new Generation Y root, all issuance has been switched back to our Generation X root certificate."

    letsencrypt.status.io/pages/in

    #ssl #tls

  12. 🧠 New preprint by Fabian A. Mikulasch & @fzenke: Understanding Self-Supervised #Learning via #LatentDistribution Matching proposes a unifying theoretical framework for #SelfSupervisedLearning.

    The paper reframes #SSL as latent distribution matching, connecting contrastive, non-contrastive, predictive, and stop-gradient methods through a common probabilistic principle linking alignment, uniformity, and latent entropy.

    📝 arxiv.org/abs/2605.03517

    #MachineLearning #RepresentationLearning #AI

  16. Komari Red: The Monitoring Tool with a Built-in Reverse Shell

    On April 16, 2026, a threat actor leveraged stolen VPN credentials to access a Windows workstation and deployed a SYSTEM-level backdoor using the Komari agent, an open-source monitoring tool with built-in command-and-control capabilities. The attacker authenticated through an SSLVPN session from IP 45.153.34[.]132 and used Impacket smbexec.py to enable RDP on the target system. The Komari agent was installed as a persistent Windows service named 'Windows Update Service' using NSSM, pulling the installer directly from the official GitHub repository. Komari provides bidirectional control through WebSocket connections, offering arbitrary command execution, interactive reverse shell access, and network probing capabilities by default. Microsoft Defender quarantined an earlier registry dump attempt, forcing the adversary to pivot to this GitHub-based approach. This represents the first publicly documented case of Komari being abused in a real-world intrusion.

    Pulse ID: 69f29e7612b827a15dfc7787
    Pulse Link: otx.alienvault.com/pulse/69f29
    Pulse Author: AlienVault
    Created: 2026-04-30 00:12:38

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #CyberSecurity #GitHub #InfoSec #Microsoft #MicrosoftDefender #OTX #OpenThreatExchange #RCE #RDP #SMB #SSL #VPN #Windows #bot #AlienVault

  17. TIL

    pip install pip_system_certs

    Helps solve issues with requests and other Python libraries when you are installing custom CA certificates on the operating system and these are not recognized.

  18. Certbot doesn't define CN by default which is required by pgBackRest and OpenVPN as of today. I tried to use a CSR but Certbot doesn't automatically renew those certificates making certbot pointless. I'm now using acme.sh and it just works github.com/acmesh-official/acm

    #acme #acmesh #certbot #tls #ssl #openvpn #pgbackrest

  23. GopherWhisper: A burrow full of malware

    ESET researchers discovered a previously undocumented China-aligned APT group named GopherWhisper that targeted a governmental entity in Mongolia. The group employs a diverse arsenal of custom tools, predominantly written in Go, including backdoors LaxGopher, RatGopher, and BoxOfFriends, along with injectors JabGopher, exfiltration tool CompactGopher, loader FriendDelivery, and C++ backdoor SSLORDoor. The threat actors abuse legitimate services including Discord, Slack, Microsoft 365 Outlook, and file.io for command and control communications and data exfiltration. Through extraction of thousands of messages from compromised Slack and Discord channels, researchers gained valuable insights into the group's internal operations and post-compromise activities. Timestamp analysis of communications indicates operators work during UTC+8 business hours, aligning with China Standard Time, supporting attribution to China-aligned actors.

    Pulse ID: 69ea2ebe8c3499b065ec22a7
    Pulse Link: otx.alienvault.com/pulse/69ea2
    Pulse Author: AlienVault
    Created: 2026-04-23 14:37:50

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #China #CyberSecurity #Discord #ESET #Government #InfoSec #LUA #Malware #Microsoft #OTX #OpenThreatExchange #Outlook #RAT #SSL #bot #AlienVault

  24. My experiment with #selfhosting a code forge using #Forgejo has come to an end. Even though it wasn't too expensive to rent a VPS, I still disliked having another form of rent to pay. I'd much rather be hosting something from my own hardware at home. In addition to this, my current use-case doesn't seem to justify the effort it takes to properly maintain the service.

    I had a couple projects I was sharing on my website via this code forge, both of which used to be on #GitHub. I've realized they work better as static files/archives you can download directly. They're tiny and there's no need for a live web application to share them.

    I did learn a lot by setting up the Forgejo instance, including how to use wildcard #SSL certificates and #nginx. I took copious notes, so I'll probably have a much smoother time of it if I try hosting another web application at some point.

    For projects that are better served by a Forgejo instance, I've made a #Codeberg account:

    codeberg.org/caten

    #VPS #software #programming #WebDev #WebDevelopment #WebApplication

  25. Hackers Use Nightmare-Eclipse Tools After Compromising FortiGate SSL VPN Access

    The first confirmed in-the-wild deployment of Nightmare-Eclipse privilege escalation tools against a live enterprise environment has been reported by Microsoft and the South Korean National Security Agency (NSSA) in South Korea.

    Pulse ID: 69e774974aa8c5561f4c0313
    Pulse Link: otx.alienvault.com/pulse/69e77
    Pulse Author: CyberHunter_NL
    Created: 2026-04-21 12:59:03

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #InfoSec #Korea #Microsoft #NationalSecurityAgency #OTX #OpenThreatExchange #SSL #SouthKorea #VPN #bot #CyberHunter_NL

  26. Nightmare-Eclipse Tooling Seen in Real-World Intrusion

    Activity involving BlueHammer, RedSun, and UnDefend tooling from the Nightmare-Eclipse proof-of-concept repository was observed during a live intrusion investigation. The malicious binaries were staged in user-writable directories including Pictures and Downloads folders, with execution attempts failing despite hands-on-keyboard reconnaissance activities. The threat actor demonstrated unfamiliarity with the tools, misspelling command parameters and attempting non-functional flags. Initial access was traced to compromised FortiGate SSL VPN credentials, with connections originating from Russia, Singapore, and Switzerland. A Go-based tunneling agent dubbed BeigeBurrow was deployed for persistent access, beaconing to attacker infrastructure over port 443 using HashiCorp's yamux library for multiplexed reverse tunneling capabilities.

    Pulse ID: 69e68c661e82c96759b91265
    Pulse Link: otx.alienvault.com/pulse/69e68
    Pulse Author: AlienVault
    Created: 2026-04-20 20:28:22

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #Russia #SSL #Singapore #VPN #bot #AlienVault

  27. ## LibreSSL 4.3.1 released!

    * Internal improvements
    - Remove the unused sequence number from X509_REVOKED.
    - Replace a call to atoi() with strtonum() in nc(1) and replace a misleading use of ntohs() with htons().
    - openssl(1) speed now uses HMAC-SHA256 for its hmac benchmark.
    - Reimplemented only use of ASN1_PRINTABLE_type() in openssl(1) ca. The API will be removed in an upcoming release.
    - Add curve NID to EC_POINT objects so the library has a clue on which curve a given EC_POINT is supposed to live.
    - Use curve NID to check for compatibility between group and points in various EC API. This isn't 100% failsafe but good enough for sane uses.
    - Require SSE in order to use gcm_{gmult,ghash}_4bit_mmx(). On rare i386 machines supporting MMX but not SSE this could result in an illegal instruction.
    - Cleaned up asn1t.h to make it somewhat readable and more robust by using C99 initializers in particular.
    - Further assembly macro improvements for -portable.
    - Add fast path for well-known DH primes in DH_check() (including those from RFC 7919). Some projects still fiddle with this in 2025.
    - Rewrite ec_point_cmp() for readability and robustness.
    - Improve EVP_{Open,Seal}Init() internals. This is legacy API that cannot be removed since one scripting language still exposes it.
    - ASN1_BIT_STRING_set_bit() now trims trailing zero bits itself rather than relying on i2c_ASN1_BIT_STRING() to do that when encoding.
    - Fix and add workarounds to libtls to improve const correctness and to avoid warnings when compiling with OpenSSL 4.
    - Prefix EC_KEY methods with ec_key_ to avoid problems in some static links.

    undeadly.org/cgi?action=articl

    Go read ALL about it here!

    #SSL #libre #BSD #openBSD #OpenSource #programming #networking #Secure #Socket #Layer

  28. I have not posted much in a while so I thought I could give a quick shout out to the EFF Foundation and their Certbot.
    Anybody running their own servers should look into it. It has made my life much easier running 5 websites.

    I usually send them the money I would have spent on certs every year as a donation. 🙂

    certbot.eff.org/

    #ssl #cert #eff #certbot #webdev #selfhosting

  29. Reminder: Valid #certificate lifetimes are shrinking.

    🟡 15 March 2026: 200 days ☹️
    🟠 15 March 2027: 100 days 🤢
    🔴 15 March 2029: 47 days 🤮

    Our status:
    #LetsEncrypt enabled (where easily possible)
    ✅ 30-day certificates from the internal AD CS PKI for intranet services on #WindowsServer and #Linux fully automated with #PowerShell
    ⏳ AD FS, Exchange

    heise.de/news/47-Tage-CAs-und-

    #sysadmin #admin #itsicherheit #zertifikate #tls #ssl #reminder #adcs #adfs #pki #intranet #internet

  30. [Translation] Easy-RSA 3 and Public Key Infrastructure (PKI)

    The material presented is for the most part a translation of the Easy-RSA 3 quick-start guide, with some additions. The dry, formal presentation does not call for decoration with pictures. P.S. Adherents of Runglish with an acute allergic reaction and cognitive dissonance toward Russian-language terms and abbreviations are asked not to bother.

    habr.com/ru/articles/1012396/

    #ssl #tls #easyrsa #openvpn #pki #openssl

  31. So. Now I've finally buckled down (it took weeks) and fully got to grips with the wide field of #java #rmi #ssl #tls. Now I have to turn it into a proper #OpenSourceProject on #codeberg, without AI (#noai), and put a few articles about it on my #homepage on the #internet...

  32. not sure if it's a #gnome #polari #znc or #ssl problem but i can't for the life of me connect polari to a self signed cert znc server. 😐

    #linux
