There has been something that has been bothering me for a few years now and I figured I would post about it, since the deed has been done. For years, I have studied, practiced, and implemented security measures and I even turned it into a career! But T3CHKOMMIE.com was still providing its services in the clear (Over HTTP). After spending the better part of my weekend patching servers and upgrading code, I figured I would stand up my own Root Certificate Authority at T3CHKOMMIE.com and start hosting over HTTPS. This change now provides encryption and a significant improvement to your viewing security.
T3CHKOMMIE.com is still available over HTTP if you don’t particularly care about keeping your browsing private. Or want to ensure what you are seeing is from T3CHKOMMIE.com. However, all internal links will pass you to HTTPS. Open Source code directory is HTTPS ONLY.
I will probably provide a fun PKI post explaining how the Public Key Infrastructure provides Confidentiality, Integrity, and Availability. But for now, I will just mention the things you will need, if you want to use or trust the T3CHKOMMIE.com Root CA.
The main reason for enabling HTTPS with my own Root CA Certificate is to provide you, the readers, with encrypted browsing privacy and to also allow your browsers to validate T3CHKOMMIE.com authenticity. Browsing over HTTPS with the trusted Root CA certificate installed will prevent you from accidentally browsing to an imposter or spoofed sight. Win-win!
To trust the T3CHKOMMIE.com Root CA Certificate:
- Download the certificate from here. (HTTPS link)
- Ensure the certificate is issued to T3CHKOMMIE Root CA and issued by T3CHKOMMIE Root CA
- Install it into your browser’s certificate trust store.
- Browse freely all over T3CHKOMMIE.com in confidence! (Minecraft Overviewer – Live Map is NOT encrypted currently)
NOTE: There is a little bit of extra overhead for HTTPS. Since T3CHKOMMIE.com is hosted over a Raspberry-Pi-Like device, pages may load slower.