Free SSL from Q2 2015

[Joss]

Just in case anyone missed it...

https://letsencrypt.org/2014/11/18/announcing-lets-encrypt.html

The headline is:

Let’s Encrypt is a new Certificate Authority: 
It’s free, automated, and open. 
Arriving Summer 2015

Extract:

Let’s Encrypt is a new free certificate authority, built on a foundation of cooperation and openness, that lets everyone be up and running with basic server certificates for their domains through a simple one-click process.

Mozilla Corporation, Cisco Systems, Inc., Akamai Technologies, Electronic Frontier Foundation, IdenTrust, Inc., and researchers at the University of Michigan are working through the Internet Security Research Group (“ISRG”), a California public benefit corporation, to deliver this much-needed infrastructure in Q2 2015. The ISRG welcomes other organizations dedicated to the same ideal of ubiquitous, open Internet security.

[gurkendoktor]

i read this yesterday. great initiative. after that, no excuses to not encrypt traffic anymore!

[Joss]

Quite.  And with search engines (well, Google) saying they would "prefer" to see secure sites at the top of the results, there will be a need too.

[gurkendoktor]

Also worth reading:

http://en.wikipedia.org/wiki/SPDY

SPDY requires the use of SSL/TLS (with TLS extension ALPN), and does not support operation over plain TCP. The requirement for SSL is for security and to avoid incompatibility when communication is across a proxy.

http://en.wikipedia.org/wiki/HTTP/2

Some implementations, such as Firefox,^[16] have stated that they will only support HTTP/2 when it is used over an encrypted connection.^[17]

This is where we are going, and if not for anything else, at least for performance reasons you should adopt this as early as possible.

[bernhard]

news: https://letsencrypt.org//2015/06/16/lets-encrypt-launch-schedule.html

[Pierre-Luc]

Let's hope all major browsers will add them to their secure lists! Has good potential

[netcarver]

I'm looking forward to this!

[Troost]

Cool, thanks for sharing!

[LostKobrakai]

Not quite Q2 of 2015, but the certs are finally trusted by major browsers and therefore really usable (even if I'd try it on private projects first): https://letsencrypt.org/2015/10/19/lets-encrypt-is-trusted.html

[netcarver]

Great news! General availability of the service should be close now.

[MuchDev]

exciting

[teppo]

After banging my head on the wall recently trying to get a certificate for personal use from a commercial CA, I must say that this service would be very much welcome. I'm perfectly fine with paying for certificates intended for commercial use (not to mention that in those cases the request process has so far been smooth and painless), but for non-commercial use free and open alternatives are a must.

</rant>

[OrganizedFellow]

https://letsencrypt.org/ Let’s Encrypt is a new Certificate Authority: 
It’s free, automated, and open. 
Arriving Q4 2015

i am VERY excited about this!!!

Edited October 22, 2015 by kongondo
Merged topics :-)

[kixe]

Another topic about letsencrypt: https://processwire.com/talk/topic/8338-free-ssl-from-q2-2015/
If needed I create my own certificates and tell the browser to allow it. Useful for webmaster access and really secure. (Even the NSA will take some time to crack it. )
I am not sure if low budget hosters accept letsencrypt. Any experiences?
And finally I don't really trust: https://raindog308.com/the-problems-with-the-lets-encrypt-project/

[OrganizedFellow]

Another topic about letsencrypt: https://processwire.com/talk/topic/8338-free-ssl-from-q2-2015/

AWW MAANNNNN, I did a forum search for 'letsencrypt' but it did not return any results. I should've used The Googles.

[Peter Knight]

Public Beta opening today apparently. Anyone planning on making HTTPS their default from here in?

[LostKobrakai]

I'll wait some time and see if there are any issues, especially with the tool they provide. If I need a new cert for any private site the next time I'll certainly give it a go.

[MuchDev]

I'll be rolling this out to my personal site when I get some time. I never bothered to set up encryption on a one page business card site. I'll let you know if I have issues .

[LostKobrakai]

I just rolled it out on my photography portfolio, as the hoster is super active in tech. stuff and has already automated most of the hard work of setup. Went nearly to well. 3 ssh commands and some "I Agree" statements and I'd my site encrypted in about 10 minutes.

[MatthewSchenker]

Greetings,

This is great news, as I have been spending a lot of time lately looking for SSL solutions for some of my sites.  I'll be putting this SSL into place in some of my smaller sites and will report back on it later.

LostKobraki: nice portfolio site.  Although some of the shots made me forget what we were talking about!

Thanks,

Matthew

[LostKobrakai]

LostKobraki: nice portfolio site.  Although some of the shots made me forget what we were talking about!

Pizza! Definetly pizza.

[Peter Knight]

Theres a nice Plesk Extension now for Lets Encrypt

[benbyf]

tried letsencrypt on my DigitalOcean server running Ubuntu and Nginx and totally failed to get heads of tails of it... :/

[Peter Knight]

@benbyford I got a little lost in the Docs and found them hard to follow. Eventually I reverted to a Plesk extension which did the hard work for me. Which part are you stuck on?

I found that the default PW .htaccess was preventing the installation of the extension and had to temporarily rename it.

[gurkendoktor]

i installed it on my DigitalOcean VPS and run it in --certonly mode (as I run nginx). Worked like a charm, instantly.