koldfront

Let's Encrypt! #security

🕡︎ - 2015-11-29

After applying to join the Let's Encrypt beta program a while back, I got an email with an invite for the domains I registered.

Yesterday I set it up, using the '--standalone' mode of the letsencrypt-auto program - so I had to close down the webserver while it ran - and configured Apache to use the certificate obtained.

Lo and behold, it works!

Very nice, and very nice job by the people working on Let's Encrypt!

I missed a good handful of my (sub)domains, so I have applied for those, and I am planning to get a certificate for use by my mail server, and one for my XMPP server next.

And then I need to automate the renewal of certificates - Let's Encrypt have chosen than certificates are valid for 90 days, making the downside of a security breach relatively small, while also encouraging people to automate the process.

Add comment

To avoid spam many websites make you fill out a CAPTCHA, or log in via an account at a corporation such as Twitter, Facebook, Google or even Microsoft GitHub.

I have chosen to use a more old school method of spam prevention.

To post a comment here, you need to:

¹ Such as Thunderbird, Pan, slrn, tin or Gnus (part of Emacs).

Or, you can fill in this form:

+=