alt Hacker NewsAnyone else got a really weird Chorme pop-up asking which cert to use for su3.io:443?
Very bizarre, never seen that before.
Thumbprints:
- 60949a09aab8677f87a0b9eda7099a03ca510fb3
- 1b146798f0dc93773247e86312f1b730c4eeebb3Replies
embedding-shape • today at 3:58 PM
Here it attempts to read my personal certificate that sits in the browser that I use for filling my taxes and do government stuff, suspicious indeed.
➕ show 3 replies
sunaookami • today at 4:04 PM
Same on Firefox
linsomniac • today at 3:46 PM
Same on Arc
jorl17 • today at 3:33 PM
Same on Zen
> Very bizarre, never seen that before.
For my own stuff that's not meant for a wider audience, I sometimes use mTLS in front of my apps, alongside self-signed certs (my own CA) that shouldn't show up in certificate transparency logs.
This site also seems to be requesting a certificate from the user. Normally you probably don't want that for public facing resources.