FYI Do you want a list of your let's encypt certs?

big charlie

Active Member
Joined
Aug 20, 2013
Messages
115
Reaction score
30
You guys already know about this?

This may be usefully and/or scary. Enter a domain and you get a list of certs on it, incl subdomains. So if you have subdomains that you think are hidden, they can be found here.


 

jerrm

Guru
Joined
Sep 23, 2015
Messages
838
Reaction score
405
Could be an argument for wildcard certs, but best assumption is anything publicly accessible will be found.
 

dicko

Still learning but earning
Joined
Oct 30, 2015
Messages
1,607
Reaction score
826
I'm a liitle confused here, do you guys think that a valid ssl/tsl certificate is to protect yourselves?

(It is vise versa)

How has anybody used these public records of certs (which by definition need to be public), to find a hostname of any ip that acceptably uses it?


Bigger problem, if you loose control of a wildcard cart, all your stuff is exposed
 
Last edited:

jerrm

Guru
Joined
Sep 23, 2015
Messages
838
Reaction score
405
I'm a liitle confused here, do you guys think that a valid ssl/tsl certificate is to protect yourselves?

(It is vise versa)

How has anybody used these public records of certs (which by definition need to be public), to find a hostname of any ip that acceptably uses it?


Bigger problem, if you loose control of a wildcard cart, all your stuff is exposed
I'm not saying anything other than wildcard as an option if the dns name being exposed via the certificate concerns you.

Outside of temp/test scenarios, I don't use wildcard certs.

If a system is on the net, assume it will be discovered and probed.

Also, it should be noted the information is not limited to letsencrypt certs. Thread title implies this is a letsencrypt "issue." It isn't - it applies to all certs - just the way things are.
 

dicko

Still learning but earning
Joined
Oct 30, 2015
Messages
1,607
Reaction score
826
Well, I would agree, but the concept of expecting a 'cert' to be in any way 'anonymous' is to me just plain wtf bizarre
 

jerrm

Guru
Joined
Sep 23, 2015
Messages
838
Reaction score
405
Well, I would agree, but the concept of expecting a 'cert' to be in any way 'anonymous' is to me just plain wtf bizarre
Very little is anonymous these days.

I think finding out "some.obscure.hostname.mydomain.com" is so easily discovered was the shock. Security through obscurity is foolhardy, but I can understand the reaction once faced with the reality check.

A lot of folks who should know better are surprised at how much info is readily available for free at sites like censys.io or shodan.io with google search simplicity.
 

Members online

Forum statistics

Threads
25,782
Messages
167,509
Members
19,202
Latest member
pbxnewguy
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.
Top