[GRLUG] LetsEncrypt ONLINE!!

Evan Roelofs aesospadez at gmail.com
Tue Dec 8 15:28:26 EST 2015


I was in the closed beta and have it on a couple of my sites and services.
The scripts are fully open-source, so if you're really concerned about
their automated systems you can review them yourself or write your own.
Very cool project overall, and a good excuse to run your sites and services
through something like Qualys' SSL Server Test to make sure your HTTPS
parameters are configured optimally.

On Tue, Dec 8, 2015 at 3:22 PM Chris Wieringa <chris at wieringafamily.com>
wrote:

> I ran through the process of cloning the client and retrieving a
> certificate for my home web server.  Overall, it wasn't that much of a
> hassle.
>
> The client performs a 3rd-party verification of your website / domain-name
> by having temporarily hosting a webserver on either port 80 or 443, or by
> writing into your webroot a verification file.  It wrote into the
> .well-known/acme-challenge/ directory in my webroot for that process.
>
> I get a bit annoyed with the default mantra of "we'll do everything for
> you" with the client wanting to reconfigure Apache automatically, but it's
> simple enough to skip that then modify my Apache config for the
> certificates manually.  Likewise, it looks like CSRs can be sent as well if
> you want to do that manually.
>
> Since they issue 90 day certificates, it seems like using the client and a
> cron entry seems like the easiest way to keep this working long-term.
>
> Chris
>
> On Tue, Dec 8, 2015 at 1:06 PM, Thomas Wodarek <kc8zpq at gmail.com> wrote:
>
>> There has been discussion on the LE dev list about web UIs (
>> https://groups.google.com/a/letsencrypt.org/d/msgid/client-dev/CA%2B65OsrZSyX0DpGn5CsrOVbz6TUWv7x9EWdOV9wMoHoDn8oRcg%40mail.gmail.com),
>> the latest of which is https://gethttpsforfree.com.
>>
>> The installed client part is to allow automation, which is pretty much
>> the reason behind the LE project.
>> Is there a way to have a cert issued like any other authority by just
>> submitting a CSR and getting the cert back? And not having to install some
>> special "software" ?
>>
>> On Tue, Dec 8, 2015 at 12:28 PM, L. V. Lammert <lvl at omnitec.net> wrote:
>>
>>>
>>> Public Beta is available as of 3 December:
>>>
>>>         https://letsencrypt.org/2015/12/03/entering-public-beta.html
>>>
>>> Has anyone implement yet?
>>>
>>>         Lee
>>> _______________________________________________
>>> grlug mailing list
>>> grlug at grlug.org
>>> http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug
>>
>>
>>
>> _______________________________________________
>> grlug mailing list
>> grlug at grlug.org
>> http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug
>>
>> _______________________________________________
>> grlug mailing list
>> grlug at grlug.org
>> http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug
>>
>
> _______________________________________________
> grlug mailing list
> grlug at grlug.org
> http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shinobu.grlug.org/pipermail/grlug/attachments/20151208/e7cebb50/attachment-0001.html>


More information about the grlug mailing list