Re: buying ssl certificate
On Tue, 30 May 2017, kc atgb wrote:
> One problem I might have with letsencrypt is that it is not recognized
> by all protocol clients. We have customers that are not always up to
> date on their side (old OSes, softwares, hosts, ... ), and letsencrypt
> is recent in the race, so not integrated on these devices.
Letsencrypt signs with a signing key which is signed by the DST Root CA
which has been valid since 2000, and should be present on almost every
device. [For reference, google.com is signed by a key which was
generated in 2002...]
So if it does have an issue with validity, it's an issue which many
SSL certificates are going to share.
--
Don Armstrong https://www.donarmstrong.com
They say when you embark on a journey
of revenge
dig two graves.
They underestimate me.
-- a softer world #560
http://www.asofterworld.com/index.php?id=560
Reply to: