We have now improved the speed of loading and extraction of downtimes.
No - there wasn't bug in our code on Thu morning and the wall didn't deserve the words. It was an actual downtime that we detected 11 minutes before Let's Encrypt.
I‘m wonderhing how much sense it makes to penetrate a service that‘s for free with 80k certificate requests just to check whether it‘s up... I mean, isn‘t there an official status page for Let‘s Encrypt?
You don't necessarily need the aircraft to emit any signals, you may be able to detect changes in the background RF emissions reflected or distorted by the aircraft. It would have to be enormously CPU expensive but if you can correlate changes in tens or hundreds of frequencies, I can imagine it could be done.
I kind of hoped that the background video would be better than text description. I try to think of the main reason for that but probably as we believe the main difference is the quick server enrolment and ongoing automation of that.
Still working on this - it's incredibly hard to reach out to people who need this kind of tool.
It is a cert expiry monitoring tool (but it does more thorough checks in regular intervals as well). In terms of main features:
Spot Checks (no sign-up needed - you can test it at https://keychest.net - an instant feedback to get the configuration of a new server right as quickly as possible. It will tell you if your server uses the correct certificate, whether it sends a complete trust chain, the HSTS configuration, or whether IPv6 works as expected (9-10 basic tests to verify your config).
Server/domain enrolment - a) a server at a time (URL & port), b) bulk enrol (50 servers at a time, one per line) c) "active domain" - you set your domain name, KeyChest will automatically discover and keep discovering all servers/certs in all sub-domains.
Scanning & monitoring - DNS resolve, discovery of new certificates, direct tests of servers (TLS handshakes) - intervals are described in the User Manual inside your account.
Enterprise features (user management, internal networks, custom root certs, independent scanners) are not available here.
Thanks for your kind words. ManageEngine Key Manager Plus has got lot more features than just SSL Certificate Management. Please get in touch with us via keymanagerplus-support@manageengine.com to know more about the product.
I agree, but you could say that any of major issuers was reputable 2, 5, ... years into issuing certificates. Being new doesn't mean you're better long term.
But I personally like the fact there's much less commercial pressure on LE - for the time being at least.
No - there wasn't bug in our code on Thu morning and the wall didn't deserve the words. It was an actual downtime that we detected 11 minutes before Let's Encrypt.