Jump to content

Free SSL from Q2 2015


Joss
 Share

Recommended Posts

Just in case anyone missed it...

https://letsencrypt.org/2014/11/18/announcing-lets-encrypt.html

The headline is:

Let’s Encrypt is a new Certificate Authority: 
It’s freeautomated, and open
Arriving Summer 2015

Extract:

Let’s Encrypt is a new free certificate authority, built on a foundation of cooperation and openness, that lets everyone be up and running with basic server certificates for their domains through a simple one-click process.

Mozilla Corporation, Cisco Systems, Inc., Akamai Technologies, Electronic Frontier Foundation, IdenTrust, Inc., and researchers at the University of Michigan are working through the Internet Security Research Group (“ISRG”), a California public benefit corporation, to deliver this much-needed infrastructure in Q2 2015. The ISRG welcomes other organizations dedicated to the same ideal of ubiquitous, open Internet security.

  • Like 15
Link to comment
Share on other sites

Also worth reading:

http://en.wikipedia.org/wiki/SPDY

SPDY requires the use of SSL/TLS (with TLS extension ALPN), and does not support operation over plain TCP. The requirement for SSL is for security and to avoid incompatibility when communication is across a proxy.

http://en.wikipedia.org/wiki/HTTP/2

Some implementations, such as Firefox,[16] have stated that they will only support HTTP/2 when it is used over an encrypted connection.[17]

This is where we are going, and if not for anything else, at least for performance reasons you should adopt this as early as possible.

  • Like 1
Link to comment
Share on other sites

  • 6 months later...
  • 4 weeks later...
  • 3 months later...

After banging my head on the wall recently trying to get a certificate for personal use from a commercial CA, I must say that this service would be very much welcome. I'm perfectly fine with paying for certificates intended for commercial use (not to mention that in those cases the request process has so far been smooth and painless), but for non-commercial use free and open alternatives are a must.

</rant>

  • Like 1
Link to comment
Share on other sites

Another topic about letsencrypt: https://processwire.com/talk/topic/8338-free-ssl-from-q2-2015/
If needed I create my own certificates and tell the browser to allow it. Useful for webmaster access and really secure. (Even the NSA will take some time to crack it. ;) )
I am not sure if low budget hosters accept letsencrypt. Any experiences?
And finally I don't really trust: https://raindog308.com/the-problems-with-the-lets-encrypt-project/

Link to comment
Share on other sites

  • 1 month later...

Greetings,

This is great news, as I have been spending a lot of time lately looking for SSL solutions for some of my sites.  I'll be putting this SSL into place in some of my smaller sites and will report back on it later.

LostKobraki: nice portfolio site.  Although some of the shots made me forget what we were talking about!

Thanks,

Matthew

  • Like 1
Link to comment
Share on other sites

  • 4 weeks later...

@benbyford I got a little lost in the Docs and found them hard to follow. Eventually I reverted to a Plesk extension which did the hard work for me. Which part are you stuck on?

I found that the default PW .htaccess was preventing the installation of the extension and had to temporarily rename it.

Link to comment
Share on other sites

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...