/plushcap/analysis/cloudflare/tracing-soon-to-expire-federal-gov-certificates-with-ct-logs

Tracing Soon-to-Expire Federal .gov Certificates with CT Monitors

What's this blog post about?

The US Government shutdown in December 2018 resulted in the expiration of TLS certificates on some .gov websites, highlighting a common issue on the internet - the usage of expired certificates and their erosion of trust. This situation emphasizes the importance of regularly updating and renewing these certificates to maintain website security and user trust. TechCrunch recently published a list of soon-to-expire certificates for .gov domains, using data from 18F, the federal government's digital services unit. Cloudflare's Certificate Transparency (CT) monitor, Merkle Town, is one example of a third-party tool that can help track expired .gov certificates. The Nitty-Gritty section explains how this process works and provides an example of unexpected misconfigurations found during the research. Automating certificate renewals is suggested as a solution to prevent expired certificates and misconfigured TLS in the future.

Company
Cloudflare

Date published
Jan. 23, 2019

Author(s)
Gabbi Fisher, Brendan McMillion

Word count
1244

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.