July 6, 2021How to Patch Java 7 Certificate Store to Support Let's EncryptDo you have to support a very old Java application? Old as in only runs on 1.7.0_21-b11? And this application needs to access websites on servers using Let’s Encrypt? Especially after September 2021, when the widespread DST Root CA X3 certificate will expire? There is help. keytool to the rescue Oracle kindly provides keytool. With keytool you can view and manipulate the contents of the Java certificate store, which usually can be found at /lib/security/cacerts within in your Java runtime....
February 22, 2021How to Check the Expiry Date of an SSL/TLS CertificateFor a couple of years now, I use the fantastic (and free*) service by Let’s Encrypt in order to generate SSL/TLS certificates. One of the main differences to paid certs is that the ones of Let’s Encrypt are only valid 90 days. This sounds bad at first, but actually this is a good thing from a security perspective, and anyway, you do not create / renew certs manually, but one of the many clients do this for you automatically....