The new certificate for https://toolslib.net is now online. It is valid from 15/04/2016 to 11/05/2018.
The new SHA256 fingerprint is:
F9:56:B0:23:C9:21:56:DC:AB:9C:52:BC:E4:0F:30:B8:B6:B4:55:D6:2C:C2:F8:72:20:F1:B2:4B:F4:DD:FB:4F
The sysadmin team signed it, so you can verify it:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
F9:56:B0:23:C9:21:56:DC:AB:9C:52:BC:E4:0F:30:B8:B6:B4:55:D6:2C:C2:F8:72:20:F1:B2:4B:F4:DD:FB:4F
-----BEGIN PGP SIGNATURE-----
iHIEARYIABoFAljyxP4THGplcm9tZUBmcjMzdHV4Lm9yZwAKCRAY6JnmgMT/YoA6
AP0YsjJGKA+9NOvw67Pgr0ts3S15hCZASoFGs6+XwqCU5QEA1z7yXc19/6cX5aGo
B6R6fLHDSiaN3GpD1frNbIfdewU=
=vrLs
-----END PGP SIGNATURE-----
The signature and fingerprint can also be compared with the one available on this another independant server.
Also, we now support RFC 6844, Certification Authority Authorization: we allow only Gandi.net to generate certificates for the domain toolslib.net, and letsencrypt.org for dashboard.toolslib.net. Any other attempt to generate a certificate by another authority should fail - this check should be mandatory by September 2017.
Thanks to other minor changes, you may also see up to 10% speed improvement, especially in large HTTP requests.
Finally, we've rolled-out the support for three additional ciphers, and users without AES-NI support will benefit most of this:
ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305