Hi.
I just signed up for a free account and thank you for free hosting php and a cpanel first of all.
Second, I am doing tasks (like signing up for SSL certs thru EFF) that require specific fingerprinting. I didn’t read too much documentation, but at this point I assume I’m on a LAMP shared server. What flavor of Linux? Sorry if i missed the obvious but I’m managing a lot right now. I tried to PuTTy into the IP to get an HTTP response to work off of and putty crashed, so I figured I’d just ask.
Only a very specific type of SSL certificates work here due to how the control panel is setup. Your best bet is to just use the SSL tool in the client area. It’s free, and can install the certificate for you. Best of all, it creates the only type of certificate that the panel will accept.
I have a request sitting with Google Trust now in draft. Thank you.
I’m still curious, did I miss something in basic web development that would have told me what *nix OS we’re on? I haven’t touched web development in years and never got an ssl cert that required me to specify OS/variant. I’d rather learn from this experience. Thanks!
The server OS is not exactly advertised, as it could create a security issue if a vulnerability appears for that server type and version. So no, I would not say that you missed something
I believe having picked “web hosting service” would have been the best option from the dropdown, although it’s still uncertain if it would work with our system so it’s best that you went with Google Trust; I believe the option in the dropdown exists exactly because you’re not expected to know the specific OS flavor your hosting service is running.
No problem guys. I was just curious as to if I missed something. I had a pretty good idea what I was running already, but EFF wanted linux flavor specific info. I’ll just wait impatiently on the Google certificate. It seems like it’s a crazy pain to get their cert set up on your own without shell. Apparently it’s a whole thing with ACME and python, which I do not have access to.
I just want to point out, there is not security in obscurity. OS Fingerprinting is rather trivial. It makes it more difficult from a dev standpoint, but not so much from a security standpoint. My humble opinion and experience, as a rather inexperienced security researcher and programmer. If that was the motive.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.