ZeroSSL: XSS to session hijacking, stealing a private key (and password hash)

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
#Certificate #Letsencrypt #ACME #Security #Signing

Our great sponsors
  • InfluxDB - Access the most powerful time series database as a service
  • SonarQube - Static code analysis for 29 languages.
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • dehydrated

    letsencrypt/acme client implemented as a shell-script – just add water

    Dehydrated.io, damn few dependencies.

    You're welcome.

    https://github.com/dehydrated-io/dehydrated

  • acme-tiny

    A tiny script to issue and renew TLS certs from Let's Encrypt

    Going to throw another hat into the ring here: I use acme-tiny [1], which is a single file ACME client written in Python in under 200 lines. The idea behind it is that you can fully read and understand everything it does without spending too much time on it. I really like this approach, so I went ahead and started using it, and have been for a few years now.

    [1] https://github.com/diafygi/acme-tiny

  • InfluxDB

    Access the most powerful time series database as a service. Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression.

  • lego

    Let's Encrypt/ACME client and library written in Go

    I too am moving away from acme.sh for the same reason. Dehydrated looks nice but I started using goacme.

    https://github.com/go-acme/lego

    I wasn't set on only bash though.

  • chromium

    The official GitHub mirror of the Chromium source

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts