DEV Community

[discontinued] Run a green-badge local HTTPS server with zero configuration

Omar Alshaker on July 30, 2018

⚠️ Apparently, this goes against letsencrypt's ToS and I can't use their certificates in such a manner. And I have to drop this tool. I would hav...
 
Marc Mercer

This is absolutely horrible advice. You are literally saying 'it's ok to trust someone because they say they are trustworthy'. That is the worst security advice there is.

You can create your own self-signed certificate very easily that allows you to test your web code. digitalocean.com/community/tutoria... should work for most Linux distributions.

Beyond that, you could also do much better by using Let's Encrypt to generate a test and a production certificate, both of which would be good for 90 days, and simply re-renew them through the ACME framework or other similar tools.

 
Omar Alshaker • Edited

> This is absolutely horrible advice. You are literally saying 'it's ok to trust someone because they say they are trustworthy'. That is the worst security advice there is.

Where am I saying this?

I am afraid you totally misunderstood the point of this post. This has nothing to do with trust at all. It is not meant to be secure nor trusted.

It strictly works for localhost, and merely to satisfy Chrome while testing if your asset URLs are all HTTPS, all your cookies are secure, etc.

This CANNOT be used in production, because as mentioned in the article, the domain points to 127.0.0.1. And even if I change the domain to another IP address, visiting it would be simply like visiting any URL on the vast web.

The link you cite has nothing to do with this post.

 
alamnr

I am getting the following error: An error occurred during a connection to ez-s.io:5000. Peer’s Certificate has been revoked. Error code: SEC_ERROR_REVOKED_CERTIFICATE

 
Omar Alshaker

I updated the article :(

 
Mihail Malo

What exactly did this violate?
I fail to see how this could be exploited?
Is it because you don't actually own ez-s.io?

 
Omar Alshaker • Edited

I own ez-s.io.

I agree. I read their terms and it does not violate them since I own the domain. But the other caveat is that they allow anyone who has access to the private key to revoke the certificate. So even if they didn't mind, someone will inevitably revoke my certificate just for a laugh.
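
The self-signed route suggested in the first comment also sidesteps the revocation problem described in the last reply, because the private key is generated locally and never published. The following is an added example, not code from the thread or from the tool under discussion; the function names and the file names `localhost.key` and `localhost.crt` are assumptions, and it needs OpenSSL 1.1.1 or newer for `-addext`.

```shell
# Added example: per-machine self-signed certificate for local HTTPS testing.
# Function and file names are hypothetical, chosen for this illustration.

make_local_cert() {
    # $1: output directory; writes localhost.key and localhost.crt into it.
    out_dir="$1"
    mkdir -p "$out_dir" || return 1
    (
        umask 077   # files created below are readable by the owner only
        # Short validity and a SAN limited to localhost / loopback keep the
        # certificate useless for anything except local testing.
        openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 30 \
            -subj "/CN=localhost" \
            -addext "subjectAltName=DNS:localhost,IP:127.0.0.1" \
            -keyout "$out_dir/localhost.key" \
            -out "$out_dir/localhost.crt" 2>/dev/null
    )
}

cert_matches_key() {
    # $1: certificate, $2: private key.
    # Succeeds when both files carry the same public key.
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

cert_covers_localhost() {
    # $1: certificate.
    # Succeeds when the SAN lists both the localhost name and 127.0.0.1.
    san=$(openssl x509 -in "$1" -noout -text \
        | grep -A1 'Subject Alternative Name') || return 1
    echo "$san" | grep -q 'DNS:localhost' \
        && echo "$san" | grep -q 'IP Address:127.0.0.1'
}

key_is_private() {
    # $1: private key. Succeeds when only the owner can read or write it.
    [ "$(ls -l "$1" | cut -c1-10)" = "-rw-------" ]
}

# Usage:
#   make_local_cert ./certs &&
#   cert_matches_key ./certs/localhost.crt ./certs/localhost.key &&
#   cert_covers_localhost ./certs/localhost.crt &&
#   key_is_private ./certs/localhost.key
```

The browser will still show a warning until this certificate is imported into the local trust store of the machine that generated it.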