Forgot to post, but did some unexpected debugging of cross-certificates and dusted off some old applied crypto neurons.

In case anyone wants to learn a bit about CA changes, I present a quick writeup on fixing lack of trust between the HARICA root CA in my trust store & a .onion certificate I bought:

Sign in to participate in the conversation

Taking the "Twitter" out of "InfoSec Twitter."