CertKit - Certificate Management
@certkit.io
CertKit SSL Certificate Management automates the discovery, lifecycle, distribution, and monitoring of PKI Certificates.
Learn more at https://www.certkit.io/
Learn more at https://www.certkit.io/
Reposted by CertKit - Certificate Management
Most JavaScript errors in your monitoring dashboard are garbage. Browser extensions, ad blockers, crawlers. Here's how I set up TrackJS to ignore the noise and only alert on real bugs that matter.
www.youtube.com/watch?v=HBaZ...
#javascript #errormonitoring
www.youtube.com/watch?v=HBaZ...
#javascript #errormonitoring
Installing TrackJS on CertKit
YouTube video by TrackJS
www.youtube.com
November 24, 2025 at 4:29 PM
Most JavaScript errors in your monitoring dashboard are garbage. Browser extensions, ad blockers, crawlers. Here's how I set up TrackJS to ignore the noise and only alert on real bugs that matter.
www.youtube.com/watch?v=HBaZ...
#javascript #errormonitoring
www.youtube.com/watch?v=HBaZ...
#javascript #errormonitoring
Eric Brandes just dropped Part 2 of our CT logs deep dive. Tiled logs process 100M+ records/day vs RFC 6962's measly millions. Google throttles you to death, Cloudflare's better, Let's Encrypt's tiled logs are best.
www.certkit.io/blog/searchi...
#PKI #CertificateTransparency
www.certkit.io/blog/searchi...
#PKI #CertificateTransparency
Searching Certificate Transparency Logs (Part 2)
In this post we'll write Golang code to pull Certificate Transparency Log entries and process them at scale.
www.certkit.io
November 19, 2025 at 5:05 PM
Eric Brandes just dropped Part 2 of our CT logs deep dive. Tiled logs process 100M+ records/day vs RFC 6962's measly millions. Google throttles you to death, Cloudflare's better, Let's Encrypt's tiled logs are best.
www.certkit.io/blog/searchi...
#PKI #CertificateTransparency
www.certkit.io/blog/searchi...
#PKI #CertificateTransparency
Certificate Transparency logs contain billions of certificates but searching them is painful. crt.sh is slow and often down. So we built our own free CT search tool that actually works.
Part 1 of our series: www.certkit.io/blog/searchi...
#CertificateTransparency #PKI
Part 1 of our series: www.certkit.io/blog/searchi...
#CertificateTransparency #PKI
crt.sh | Certificate Search
Free CT Log Certificate Search Tool from Sectigo (formerly Comodo CA)
crt.sh
November 17, 2025 at 8:43 PM
Certificate Transparency logs contain billions of certificates but searching them is painful. crt.sh is slow and often down. So we built our own free CT search tool that actually works.
Part 1 of our series: www.certkit.io/blog/searchi...
#CertificateTransparency #PKI
Part 1 of our series: www.certkit.io/blog/searchi...
#CertificateTransparency #PKI
"Revoke Certificate" - It's theater.
Most revoked certs keep working. Chrome, Firefox, Safari each block different revoked certs. The industry knows it's broken, so they're forcing 47-day expiration instead.
www.certkit.io/blog/certifi...
#PKI #CertificateManagement
Most revoked certs keep working. Chrome, Firefox, Safari each block different revoked certs. The industry knows it's broken, so they're forcing 47-day expiration instead.
www.certkit.io/blog/certifi...
#PKI #CertificateManagement
Certificate revocation is broken but we pretend it works
SSL Certificate revocation is so broken that browser vendors gave up trying to fix it. Chrome manually curates 24,000 'important' revocations out of 2 million. Firefox uses bloom filters that flag val...
www.certkit.io
November 11, 2025 at 7:49 PM
"Revoke Certificate" - It's theater.
Most revoked certs keep working. Chrome, Firefox, Safari each block different revoked certs. The industry knows it's broken, so they're forcing 47-day expiration instead.
www.certkit.io/blog/certifi...
#PKI #CertificateManagement
Most revoked certs keep working. Chrome, Firefox, Safari each block different revoked certs. The industry knows it's broken, so they're forcing 47-day expiration instead.
www.certkit.io/blog/certifi...
#PKI #CertificateManagement
Stripe bought their domain in 2010. The previous owner's SSL certificate was valid until 2011.
For an entire year, someone else had a perfectly legitimate certificate for their payment processing.
This is why we're getting 47-day certificates.
www.certkit.io/blog/bygones...
For an entire year, someone else had a perfectly legitimate certificate for their payment processing.
This is why we're getting 47-day certificates.
www.certkit.io/blog/bygones...
BygoneSSL and the certificate that wouldn't die
When domains change hands, old certificates don't. Two researchers at DEFCON found 1.5 million domains with valid certs owned by someone else. This is the security research that killed long certificat...
www.certkit.io
October 27, 2025 at 4:39 PM
Stripe bought their domain in 2010. The previous owner's SSL certificate was valid until 2011.
For an entire year, someone else had a perfectly legitimate certificate for their payment processing.
This is why we're getting 47-day certificates.
www.certkit.io/blog/bygones...
For an entire year, someone else had a perfectly legitimate certificate for their payment processing.
This is why we're getting 47-day certificates.
www.certkit.io/blog/bygones...
Reposted by CertKit - Certificate Management
Netflix doesn't join standards bodies. They build streaming protocols, not bureaucracy. #ssl
Why Netflix Joined the Certificate Wars (And Why It Matters)
hackernoon.com
October 8, 2025 at 4:08 AM
Netflix doesn't join standards bodies. They build streaming protocols, not bureaucracy. #ssl
Reposted by CertKit - Certificate Management
Welcome to #CertKit on #OpsMatters! CertKit gives you one dashboard to see every cert, every renewal, every domain—before they expire and ruin your weekend.
#cybersecurity #certificatemanagement #devops https://opsmtrs.com/46V2Oar
#cybersecurity #certificatemanagement #devops https://opsmtrs.com/46V2Oar
CertKit
CertKit gives you one dashboard to see every cert, every renewal, every domain—before they expire and ruin your weekend.
opsmtrs.com
October 19, 2025 at 7:29 PM
Welcome to #CertKit on #OpsMatters! CertKit gives you one dashboard to see every cert, every renewal, every domain—before they expire and ruin your weekend.
#cybersecurity #certificatemanagement #devops https://opsmtrs.com/46V2Oar
#cybersecurity #certificatemanagement #devops https://opsmtrs.com/46V2Oar
"Nice website you got there. Shame if it was “Not Secure.” That’ll be $300 a year."
www.certkit.io/blog/47-day-...
www.certkit.io/blog/47-day-...
The 47-Day Certificate Ultimatum: How Browsers Broke the CA Cartel
For twenty years, Certificate Authorities ran the perfect protection racket. Then SHA-1 got shattered, Apple went rogue, and certificates went from lasting 3 years to 47 days. This is the story of how...
www.certkit.io
October 6, 2025 at 3:33 PM
"Nice website you got there. Shame if it was “Not Secure.” That’ll be $300 a year."
www.certkit.io/blog/47-day-...
www.certkit.io/blog/47-day-...
It started as 47 beautiful lines of bash. Now it's a distributed certificate system built on thousands of command line incantations nobody understands, running on every server, and some of the printers.
www.certkit.io/blog/why-you...
#devsecops #ssl #certificates
www.certkit.io/blog/why-you...
#devsecops #ssl #certificates
You Built Your Own Certificate Management System - It's Already Broken
It started as 47 beautiful lines of bash. Now it's a distributed certificate system built on thousands of command line incantations nobody understands, running on every server and some of the printers...
www.certkit.io
September 19, 2025 at 9:34 PM
It started as 47 beautiful lines of bash. Now it's a distributed certificate system built on thousands of command line incantations nobody understands, running on every server, and some of the printers.
www.certkit.io/blog/why-you...
#devsecops #ssl #certificates
www.certkit.io/blog/why-you...
#devsecops #ssl #certificates
Reposted by CertKit - Certificate Management
I had a fantastic time chatting with @richcampbell.bsky.social about Certificate management (specifically how much it sucks) and how we're trying to make it better at @certkit.io.
Do you have strong feels about certificates? I'd love to chat with you about it.
Do you have strong feels about certificates? I'd love to chat with you about it.
September 17, 2025 at 7:05 PM
I had a fantastic time chatting with @richcampbell.bsky.social about Certificate management (specifically how much it sucks) and how we're trying to make it better at @certkit.io.
Do you have strong feels about certificates? I'd love to chat with you about it.
Do you have strong feels about certificates? I'd love to chat with you about it.
Apple wants #SSL certificates to last only 47 days.
Remember when they lasted 3 years? Then 2? Then 1? Now we're speed-running toward daily renewals.
Your bash script from 2019 isn't ready for this
certkit.io/blog/why-we-built-certkit
Remember when they lasted 3 years? Then 2? Then 1? Now we're speed-running toward daily renewals.
Your bash script from 2019 isn't ready for this
certkit.io/blog/why-we-built-certkit
CertKit SSL Certificate Management
CertKit SSL Certificate Management automates the discovery, lifecycle, distribution, and monitoring of PKI Certificates.
certkit.io
September 3, 2025 at 8:07 PM
Apple wants #SSL certificates to last only 47 days.
Remember when they lasted 3 years? Then 2? Then 1? Now we're speed-running toward daily renewals.
Your bash script from 2019 isn't ready for this
certkit.io/blog/why-we-built-certkit
Remember when they lasted 3 years? Then 2? Then 1? Now we're speed-running toward daily renewals.
Your bash script from 2019 isn't ready for this
certkit.io/blog/why-we-built-certkit