[Cryptography] letsencrypt.org
Jason Cooper
cryptography at lakedaemon.net
Wed Sep 13 17:44:13 EDT 2017
Hi Bayuk,
On Wed, Sep 13, 2017 at 02:18:40PM -0400, Bayuk wrote:
> Has anyone on this list contributed to https://letsencrypt.org/ - and/or
> otherwise have personal experience, caveats, recommendations with respect to
> the current service or roadmap?
It's extremely useful, with the caveat that certificates are only valid
for 90 days (by design), and require admin privileges to install.
To maximize it's usefulness, it's worth the time investment to set up a
cron job to automatically renew the certs. Note that this must run as
root (admin).
The good folks over in BSD-land created a nice, privilege-separated tool
for this task, acme-client [1]. I've been using for quite a while
(before it was renamed from letskencrypt), and been really happy.
Good luck,
Jason.
[1] https://kristaps.bsd.lv/acme-client/
More information about the cryptography
mailing list