With more and more services using SSL keeping track of the certificates in use across a global infrastructure can be challenging. The inventory reporting features in CFEngine Enterprise can be useful in identifying services using SSL as well as when their certificates will expire.

Automatically detect network failures and reconnect with AutoSSH. This tip lets you create a persistent connection between two servers, or between your desktop and server, and have it automatically re-connect.

SSLping was born as a side project. It’s useful to people, which is cool, but today it was also helpful to me! I use it to monitor my HTTPS websites. This morning, my own SSLping project sent me an email about how my website https://hire.chris-hartwig.com is about to expire (in 10 days): it’s using Letsencrypt, and it’s been 80 days since I installed the cert.

TL;DR you’re never done with Let’s encrypt: once your servers are secure, you must ensure they stay that way. Let’s encrypt is a no brainer: this initiative benefits us all, with free domain-validated certificates. It’s easy to setup and free. There’s probably automatic installation for your web server of choice, the community behind it can help, and tutorials are everywhere. Then you head to https://.com and you’re done… not.

It was in your TodoList: install the SSL certificate. So you’ve setup your SSL certificate on the web server. It’s quite trendy to use SSL. Google will give you a modest ranking bump, some users will feel safer, all is good. You have even tested your configuration with Qualys, got you an A+. Good job: most got a C, even banks. Now what? What will happen when your cert is about to expire? Your CA will send an email to renew your cert. But maybe someone in the accounting dept will get that email.