SSL Certificates are getting interesting, again
by Andy Flagg, Publication Date: Sunday, March 28, 2021
View Count: 37, Keywords: SSL, Certificates, SHA1, SHA256, Hashtags: #SSL #Certificates #SHA1 #SHA256
Working with a client, they were not aware their SSL certificate set was from one SSL provider and not the one they purchased it from. Hmmmm... Their certificates they purchased and had installed 2 years ago were not the ones running on their deployments in the web, remote and other platforms. Uh Oh!!
So, when we went to migrate their business platform from one hosting provider to another, the SSL certificates were not what they expected. Quickly, uh, why, and they have remote SSL VPN on that domain into their networks using those certificates. Was it a purchasing, ordering, internal IT issue? Did their certificates get replaced without them knowing?
Little did we know until we were asked to assist in their migration, and noticed mismatch SSL certificate installation and they were valid. Let's just quickly note it, and migrate them, backup all their logs and off the grid and wire contact the SSL vendor(s), data center and hosting, and begin to see how far back we can go. Did they have SSL certificate monitoring enabled or not?
a puzzle and mystery is afoot.
as a side note, I still see SHA1 on some things that should be SHA256. Commercial and Enterprise things should be SHA256 yet I get it, some of them are legacy back ends and Internet facing. Yikes.
more to come...
if you found this article helpful, consider contributing $10, 20 an Andrew Jackson or so..to the author. more authors coming soon
FYI we use paypal or patreon, patreon has 3x the transaction fees, so we don't, not yet.
© 2021 myBlog™ v1.1 All rights reserved. We count views as reads, so let's not over think it.