Annual SSL Certificate Refresh

This is a reminder that our annual certificate renewal period is coming up soon. Usually, we have our certificates issued some time in December, and certificate issuers allow for a grace period up to some time in January. We’re now in that grace period, so our certificates are going to be renewed and cycled throughout our infrastructure.

This’ll be the first year that we have no need to publish the SHA-1 fingerprint of our new certificate, since it’s practically broken.

The SHA-256 fingerprint for our new certificate is as follows;

9C:21:F5:B4:8D:26:16:AC:FB:83:47:92:27:DC:87:C8:D3:61:9E:1A:E4:EB:73:F5:B5:F9:AE:2D:6B:1F:43:6D

The SHA-512 fingerprint for our new certificate is as follows;

B6:76:43:C3:9A:93:FA:44:2E:DB:6A:20:2C:0B:28:CE:54:2D:D8:9B:56:7B:61:C2:8C:18:57:2C:DF:5C:AB:C5:25:28:DE:A8:53:8C:82:4A:6A:AF:B4:E0:04:47:56:C4:8D:03:35:A0:D8:F0:F5:6A:FE:73:33:92:B4:0D:C9:BA

3 thoughts on “Annual SSL Certificate Refresh

  1. I have been told your SSL certificate on your SMTP port for incoming mail is bad, this is causing me to lose email:

    Jan 10 20:55:37 bendel/bendel postfix/smtp[29218]: D4785176: to=, relay=mx02.mykolab.com[95.128.36.40]:25,
    delay=88592, delays=88580/0.12/12/0, dsn=4.7.5, status=deferred (Server certificate not trusted)
    Jan 10 20:55:38 bendel/bendel postfix/smtp[29190]: 8F50B6D: to=, relay=mx02.mykolab.com[95.128.36.40]:25,
    delay=4769, delays=4756/0.15/13/0, dsn=4.7.5, status=deferred (Server certificate not trusted)

    This was working prior December 28.

Comments are closed.