Comment on Decreasing Certificate Lifetimes to 45 Days
nialv7@lemmy.world 2 days agoour org forbids plain http
is redirecting http to https also out of the question? because let’s encrypt HTTP-01 accepts http -> https redirects:
Our implementation of the HTTP-01 challenge follows redirects, up to 10 redirects deep. It only accepts redirects to “http:” or “https:”, and only to ports 80 or 443. It does not accept redirects to IP addresses. When redirected to an HTTPS URL, it does not validate certificates.
jj4211@lemmy.world 2 days ago
They in fact refuse to even do a redirect… it’s monumentally stupid and I’ve repeatedly complained, but ‘security’ team says port 80 doing anything but dropping the packet or connection refused is bad…
nialv7@lemmy.world 2 days ago
oh my god