Let's Encrypt Takes Free “Wildcard” Certificates Live

posted by cmn32480 on Wednesday March 14, @02:16PM   Printer-friendly
from the simple-cypers dept.
Security

An Anonymous Coward writes:

Arstechnica reports

In July of 2017, the nonprofit certificate authority Let's Encrypt promised to deliver something that would put secure websites and Web applications within reach of any Internet user: free "wildcard" certificates to enable secure HTTP connections for entire domains. Today, Let's Encrypt took that promised service live, in addition to a new version of the Automated Certificate Management Environment (ACME) protocol, an interface that can be used by a variety of client software packages to automate verification of certificate requests.

[....]Many hosting providers already support the registration of Let's Encrypt certificates to varying degrees. But Let's Encrypt's free certificate offering hasn't been snapped up by some larger hosting providers—such as GoDaddy—who also sell SSL certificates to their customers.

Original Submission


  • (Score: 3, Informative) by The Mighty Buzzard on Wednesday March 14, @02:30PM (2 children)

    by The Mighty Buzzard (18) Subscriber Badge <themightybuzzard@soylentnews.org> on Wednesday March 14, @02:30PM (#652383) Homepage Journal

    No, we won't be getting one for *.soylentnews.org. It's easier to have each VM take care of its own specific hosts than to automate the distribution of the cert and the restarting/HUP-ing of the relevant processes across multiple systems. Less admin butt-pain is of more concern to us than a smaller db for the folks at LE.

    • (Score: 2) by MichaelDavidCrawford on Wednesday March 14, @03:04PM

      by MichaelDavidCrawford (2339) Subscriber Badge <mdcrawford@gmail.com> on Wednesday March 14, @03:04PM (#652397) Homepage Journal

      My life is now without meaning

      My mind is a void

      My heart but a distant echo of the passion that once burned within

    • (Score: 0) by Anonymous Coward on Wednesday March 14, @03:13PM

      by Anonymous Coward on Wednesday March 14, @03:13PM (#652403)

      Same for my systems. If they would do away with their "90 day only" stupidity it would actually be usable and provide a much-needed alternative in the CA industry. Until then it's just more stupid from morons that are a danger to the internet.

      No, there aren't really alternatives when your two choices are a free certificate that requires stupid amounts of admin time to manage, or a cert from a "normal" provider that is charging anywhere from two to four orders of magnitude more than is reasonable. $1 a year for a DV multi-SAN cert is reasonable, anything more is not. $50 for three years is reasonable for an EV cert, anything more is not.

      Perhaps in another 30 years we will have the automation required to make LE work as they want it to. Until then it's a good example of what happens when you let ignorant fucktards develop and run something that is the only alternative to multinational corporations colluding to keep the prices of their products unreasonably high.

  • (Score: 2) by Thexalon on Wednesday March 14, @03:13PM

    by Thexalon (636) Subscriber Badge on Wednesday March 14, @03:13PM (#652404) Homepage

    For those who are using SSL certs for simply verifying a domain, these certs are really easy to manage. Of course, companies who want you to shell out hard-earned cash for a less convenient service to do the same thing aren't going to tell you that the option even exists.

