Let's Encrypt has disabled ACME TLS-SNI validation a couple of days ago, and now announces it's not going to be a validation option for new accounts, and SNI validation will be deprecated for the new API.
No details on the reasons for that move, except that it's a risk in shared hosting environments.

community.letsencrypt.org/t/20

#infosec

@wxcafe Whoops, was skimming too quickly over that - I had just assumed that it links just to the very short original announcement from a couple of days ago.... 😓

Sign in to participate in the conversation
Mastocafé

This is an open mastodon instance for social justice activists, LGBTQIA+ people, and people who are aware of such subjects and care about them.

See the Goals, rules, and technical details for more information