Slashdot Mirror

← Back to Stories (view on slashdot.org)

Let's Encrypt Is Now In Public Beta (eff.org)

Posted by timothy on from the first-person-plural dept.

Peter Eckersley writes: As of today, Let's Encrypt is in Public Beta. If you're comfortable running beta software that may have a few bugs and rough edges, you can use it to instantly obtain and install certificates for any HTTPS website or TLS service. You can find installation instructions here.

4 of 135 comments (clear)

  1. Re:But Why? by blackiner · · Score: 4, Informative

    There is a pretty writeup about modern TLS issues on lwn: http://lwn.net/Articles/664385...
    It seems that certificate revocation is not working particularly well in practice. The 90 day duration is meant to help with this, you can simply let the certificate expire.

  2. Some people are just hard to please... by itsdapead · · Score: 3, Informative

    I understand that the target audience is admins, and that this is beta, but really?

    Have you ever had to generate a certificate request, get it signed by a CA and install it in your web server? Its not rocket science but its certainly tedious with a dense jargon thicket to battle through.
    ./letsencrypt-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
    ...is improvement beyond recognition.

    Anyway, there's a lot of infrastructure behind that command line that should make it easy for the likes of CPanel, Plesk or maybe even Wordpress to wrap it in a nice point-and-drool dialog.

    --
    In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
  3. Re:But Why? by itsdapead · · Score: 4, Informative

    Bear in mind that current free certificates from the likes of StartSSL expire after 1 year anyway - and are at least 4 times more hassle to obtain and install than Lets Encrypt is shaping up to be.

    --
    In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
  4. Re:Check their own SSL its from a french company by guruevi · · Score: 1, Informative

    a) You should be renewing your SSL certificates more frequently anyway to prevent nation-states from guessing your private key by analysis of your weaker SSL protocols.
    b) You automate it, it costs you $100 once and you have a lifetime of SSL certificates across your entire server farm if need be. I think hosting providers may even opt to insert it right into your base images.
    c) Commercial entities and green bars really don't provide any extra security. The entire green bar is a marketing scam, it doesn't prove anything as has been proven by people being able to obtain illicit ones.

    --
    Custom electronics and digital signage for your business: www.evcircuits.com