Let's Encrypt discusses the challenge of intentionally hosting websites with broken certificates for testing purposes, a requirement for Certificate Authorities. They explain the difficulties in maintaining revoked (but not expired) certificates and share their custom Go-based solution to replace complex shell scripts. This addresses a niche but critical need for client testing in the HTTPS ecosystem.
Background
Let's Encrypt is a widely used free Certificate Authority that provides TLS certificates to enable HTTPS on websites. Certificate Authorities must host test sites with intentionally invalid certificates for client validation testing.
- Source
- Lobsters
- Published
- Apr 11, 2026 at 01:41 AM
- Score
- 5.0 / 10