Let's Encrypt ndi bungwe loyang'aniridwa ndi anthu osachita phindu lomwe limapereka ziphaso zaulere kwa aliyense. za kuchotsedwa komwe kukubwera kwa ziphaso zambiri zomwe zidaperekedwa kale za TLS/SSL. Mwa masatifiketi 116 miliyoni omwe alipo tsopano a Let's Encrypt, opitilira 3 miliyoni (2.6%) achotsedwa, pomwe pafupifupi 1 miliyoni ndi obwereketsa omwe amalumikizidwa kudera lomwelo (zolakwikazo zimakhudzidwa makamaka ndi satifiketi zomwe zimasinthidwa pafupipafupi, zomwe ndi chifukwa chake pali zobwereza zambiri). Kukumbukirako kukukonzekera pa March 4 (nthawi yeniyeni sinadziwikebe, koma kukumbukira sikudzachitika mpaka 3 am MSK).
Kufunika kokumbukira kudachitika chifukwa chopezeka pa February 29 . Vutoli lakhala likuwonekera kuyambira pa Julayi 25, 2019 ndipo limakhudza dongosolo loyang'anira ma CD a CAA mu DNS. Mbiri ya CAA (, Certificate Authority Authorization) imalola eni ake a domain kuti afotokoze momveka bwino zaulamuliro wa certification womwe ziphaso zitha kupangidwira pagawo linalake. Ngati CA sinalembedwe m'mabuku a CAA, iyenera kuletsa kuperekedwa kwa ziphaso zamalo omwe adapatsidwa ndikudziwitsa mwiniwake za zoyesa kunyengerera. Nthawi zambiri, satifiketi imafunsidwa mutangodutsa cheke cha CAA, koma zotsatira za chekezo zimawonedwa kuti ndizoyenera masiku ena 30. Malamulowa amafunanso kuti kutsimikiziranso kuchitike pasanathe maola 8 asanapereke chiphaso chatsopano (ie, ngati maola a 8 adutsa kuchokera pakuwunika komaliza popempha chiphaso chatsopano, kutsimikiziranso kumafunika).
Cholakwikacho chimachitika ngati pempho la satifiketi likuphatikiza mayina angapo nthawi imodzi, iliyonse yomwe imafunikira cheke cha CAA. Chofunikira cha cholakwikacho ndikuti pa nthawi yoyang'ananso, m'malo motsimikizira madera onse, dera limodzi lokha pamndandanda lidawunikidwanso (ngati pempholi linali ndi madera a N, m'malo mwa macheke osiyanasiyana a N, dera limodzi lidawunikidwa N. nthawi). Kwa madera otsalawo, cheke chachiwiri sichinachitike ndipo deta yochokera ku cheke yoyamba idagwiritsidwa ntchito popanga chisankho (ie, deta yomwe idagwiritsidwa ntchito masiku a 30). Zotsatira zake, pasanathe masiku 30 chitsimikiziro choyamba, Let's Encrypt atha kutulutsa satifiketi ngakhale mtengo wa mbiri ya CAA utasinthidwa ndipo Let's Encrypt adachotsedwa pamndandanda wa ma CA ovomerezeka.
Ogwiritsa ntchito omwe akhudzidwa amadziwitsidwa ndi imelo ngati zidziwitso zolumikizidwa zidadzazidwa polandila satifiketi. Mutha kuwona ziphaso zanu potsitsa manambala amtundu wa satifiketi zothetsedwa kapena kugwiritsa ntchito (yomwe ili pa adilesi ya IP, mu Russian Federation ndi Roskomnadzor). Mutha kudziwa nambala ya setifiketi yamalo osangalatsa pogwiritsa ntchito lamulo:
openssl s_client -connect example.com:443 -showcerts /dev/null\
| | openssl x509 -text -noout | grep -A 1 seri\ Nambala | tr -d :
Source: opennet.ru