Wednesday, June 19, 2024

Let’s Encrypt Starts Offering Free Wildcard SSL Certificates that Work with Multiple Sub-domains

Let’s Encrypt started issuing free Wildcard SSL certificate from yesterday through their updated version of ACME protocol Automated Certificate Management Environment ACMEv2.

Wildcard SSL certificates are more expensive ones than the regular single domain SSL certificates, a wildcard certificate for the domain name *.gbhackers.com could cover gbhackers.com, www.gbhackers.com, test.gbhackers.com.

Also Read testssl.sh – Tool to check cryptographic flaws and TLS/SSL Ciphers on any Ports

The free Wildcard SSL certificate will be issued starting from the ACMEv2 environment “if you are having ACME v2 Compatible Clients then to request a wildcard certificate simply send a wildcard DNS identifier in the new order request”.

Here is the list of ACME v2 Compatible Clients and the wildcard certificates are available via ACMEv2.

To get the free Wildcard SSL certificate the domain validation needs to be completed using the DNS-01 validation method, this means you should modify the TXT records to prove the ownership of the domain.

Let’s encrypt says that Authorizations held by a V1 account will not be usable in the V2 environment – you must revalidate your domains for use with ACME v2. Similar to ACMEv1.

According to Scotthelme’s recent Alexa Top 1 Million Analysis, the number of sites enforcing HTTPS increased at an impressive rate.With last Alexa Top, 1 Million websites Analysis HTTPS adoption increased by 32.30%.

Let’s encrypt had a very good progress as it breaks the technical and cost barriers, “We’re excited about the prospect of a 100% HTTPS Web and we’re working hard to get there” the statement reads.

Website

Latest articles

Amtrak Data Breach: Hackers Accessed User’s Email Address

Amtrak notified its customers regarding a significant security breach involving its Amtrak Guest Rewards...

Chrome Security Update – Patch for 6 Vulnerabilities

Google has announced a new update for the Chrome browser, rolling out version 126.0.6478.114/115...

Hackers Weaponize Windows Installer (MSI) Files to Deliver Malware

Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by a threat actor group,...

Hackers Using VPNs To Exploit Restrictions & Steal Mobile Data

Hackers are offering "free" mobile data access on Telegram channels by exploiting loopholes in...

New PhaaS Platform Lets Attackers Bypass Two-Factor Authentication

Several phishing campaign kits have been used widely by threat actors in the past....

Stuxnet, The Malware That Propagates To Air-Gapped Networks

Stuxnet, a complex worm discovered in 2010, targeted Supervisory Control and Data Acquisition (SCADA)...

Threat Actors Claiming Breach of AMD Source Code on Hacking Forums

A threat actor named " IntelBroker " claims to have breached AMD in June...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles