|
|
|
|
|
|
by adamtj
4017 days ago
|
|
|
Even if a MITM can intercept HTTP requests to your server, they still can't hijack your registration attempt. The real problem is that if somebody can intercept your HTTP traffic, they can register their own account key. After all, they can control your domain, and that's all letsencrypt cares about! If you haven't already registered an account key, I can't see how anything would stop them. If you already use a different CA and don't want to bother with letsencrypt, you might never find out either! |
|
|