Anyone using Let's encrypt?
-
Anyone using this? Looks like it's supported by all browsers.
https://letsencrypt.org/howitworks/ -
Yes, Have been since beta.
-
Several of us use it on here
-
Awesome. Anyone use it for IIS? It looks like using Certify is the best way to set it up?
-
@lance said in Anyone using Let's encrypt?:
Awesome. Anyone use it for IIS? It looks like using Certify is the best way to set it up?
I don't use IIS, sorry =/
-
The only reason I have IIS is Exchange. I just buy a cert for it and be done.
-
No IIS here either.
-
@JaredBusch said in Anyone using Let's encrypt?:
The only reason I have IIS is Exchange.
OP, are you using this for Exchange as well?
-
@lance No on prem exchange here.
-
@aaronstuder said in Anyone using Let's encrypt?:
@JaredBusch said in Anyone using Let's encrypt?:
The only reason I have IIS is Exchange.
OP, are you using this for Exchange as well?
I should clarify, I may or may not have IIS running a webserver, but all of them are behind a Nginx proxy that handles all the SSL (with Letsencrypt), except for the sites with Exchange servers.
-
@JaredBusch Gotcha. Good way to do it.
-
@lance said in Anyone using Let's encrypt?:
@JaredBusch Gotcha. Good way to do it.
Said Nginx proxy is running on CentOS 7 everywhere. Thus I use
certbot. -
Yup. We use it everywhere, including on MangoLassi.
-
I haven't heard of it until a week or so ago either on here or SW.
Are there any reasons not to use it on your personal site? I'm thinking about it, but Hostgator still wants to charge a $10 fee to use your own SSL cert instead of buying it through them. So I figure if I gotta pay money anyways...
Just wondering if anyone has any reasons? Otherwise, all looks superb from what I can tell, and I'll get one for myself.
-
It's excellent and free. Don't know if any reason not to use it.
-
@Tim_G said in Anyone using Let's encrypt?:
I haven't heard of it until a week or so ago either on here or SW.
Are there any reasons not to use it on your personal site? I'm thinking about it, but Hostgator still wants to charge a $10 fee to use your own SSL cert instead of buying it through them. So I figure if I gotta pay money anyways...
Just wondering if anyone has any reasons? Otherwise, all looks superb from what I can tell, and I'll get one for myself.
If your on shared hosting, I could understand that. I've had anything I wanted to do on a vultr VPS, which makes using your own SSL certs easy, and certbot (the Let's Encrypt client) makes it even easier.
-
Just an update...
In the end, I went with StartSSL.com for a free SSL certificate on my personal blog website instead of LetsEncrypt.org.
The first reason was because I have a shared hosting account through HostGator, which means I would have to use the "manual" process through LetsEncrypt.org. I don't want to do that because I don't want to "need to repeat it several times per year as your certificate expires.", as it says on their getting started page. The second reason, their way of setting it up is rather annoying and I just don't feel like doing it that way. Those two reasons by themselves drew me away from it.
StartSSL lasts for 3 years, was simple to obtain and set up, and I don't have to do anything until it expires.
I edited my .htaccess to force HTTPS, and made sure all of the images and such link from HTTPS as well, thus giving me a green lock icon on Firefox.
The only caveat, was that I had to pay HostGator $10 to use a third-party SSL cert. Still better, as it would have been $30+ at least doing it all through them.
-
@Tim_G you can make a one line script that updates LetsEncrypt through the manual method in a few seconds. Just throw it in crontab and you are all set.
-
@scottalanmiller said in Anyone using Let's encrypt?:
@Tim_G you can make a one line script that updates LetsEncrypt through the manual method in a few seconds. Just throw it in crontab and you are all set.
I figured it would be something like that, but i have shared hosting, don't have room for a linux box, and don't want to turn my personal PC into a hypervisor.
Maybe in the future, but it cuttently fits my life much better to go startssl. Nothing against at all, in fact I preferred it.
