DigiNews

Tech Watch by Johan Denoyer

← Back to articles

The difficulty of making sure your website is broken

Quality: 9/10 Relevance: 9/10

Summary

The article explains how to test TLS certificate handling by hosting three certificate states (valid, expired, revoked) and using ACME with Lego in a Go server to manage certificates. It highlights revocation challenges, CRL checks, and browser revocation mechanisms (CRLite), plus practical steps for delaying certificate switchovers to ensure correct behavior. It also references Lets Encrypt’s test roots and emphasizes the importance of robust testing for TLS clients.

🚀 Service construit par Johan Denoyer