This site is now 100% read-only, and retired.

Do you use let's encrypt?

Submitted by Steve on Fri 6 May 2016

Tags: , ,
Yes  <-> 56% 5676 votes
No  <-> 17% 1741 votes
Huh?  <-> 25% 2598 votes
Total 10015 votes

 

 

 

Re: Do you use let's encrypt?
Posted by xrat (128.130.xx.xx) on Fri 6 May 2016 at 10:18
Not yet. I plan to switch when my old certs expire.

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (91.17.xx.xx) on Wed 11 May 2016 at 22:47
I'd switch while your old certs have some time left.

[ Parent ]

Re: Do you use let's encrypt?
Posted by rkreider (4.49.xx.xx) on Tue 17 May 2016 at 03:29
[ View Weblogs ]
Pretty simple to <code>./letsencrypt-auto certonly --standalone -d www.example.com</code> and then modify Apache/Nginx to play nice. I'm a fan of LetsEncrypt.

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (89.27.xx.xx) on Mon 27 Jun 2016 at 20:27
using letsencrypt means

a) regularly allowing a peace of software to run on my computer, which then connects to various place and "does things"
b) entering an agreement with a US organization under US law.

for me, b) was by far the biggest reason to NOT use letsencrypt.

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (84.13.xx.xx) on Sun 3 Jul 2016 at 06:22
And other CAs don't require you to have agreements under US law? kk

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (87.6.xx.xx) on Thu 14 Jul 2016 at 22:50
Yep. Just get one which isn't issued by a US-based company..

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (98.254.xx.xx) on Mon 18 Jul 2016 at 13:28
Well while I do not care about making an agreement with a US based company, let'sencrypt doesn't run on its own unless you like set a cronjob. Its not like for eg. the google play store where it updates things left and right on

As far as doing things if I understand its process it just starts a webserver with some files and a host verifies that your IP/domain is the IP/domain that you use. but this observation is based on error/bugs I have had with letsencrypt. So it might not be as bad as it sounds, if in doubt, we are free to read the code ourselves.

However if the latter if a BIG concern then yeah IDK, maybe self signed or using an alt CA is the way to go, right?

[ Parent ]

Re: Do you use let's encrypt?
Posted by Matlib (46.134.xx.xx) on Sat 6 Aug 2016 at 20:35
Is there any control over certificate key with this Let's Encrypt app? Is there any way to run it in a non-automated mode with no access to httpd's config? Their "How it works" document hardly covers these topics.

M.

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (184.162.xx.xx) on Wed 28 Sep 2016 at 03:01
Yes. Use certonly and --webroot path, then you can update or adjust your configuration when you want. I use something similar to this, then grab the private key, certificate, and CA trust chains from /etc/letsencrypt/live/mydomain.com/ and add to the webserver config.

letsencrypt certonly -d mydomain.com \
--webroot --webroot-path=/var/www/mydomain.com/ \
--email me@mydomain.com --agree-tos --renew-by-default

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (107.5.xx.xx) on Sun 13 Nov 2016 at 09:40
Use python script that less than 200 lines of code (pretty easy to audit) from here
https://github.com/diafygi/acme-tiny
It use web-root verification, everything else you can automate (certificate replacing) with your own scripts or do manual update

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (24.243.xx.xx) on Thu 10 Aug 2017 at 18:14

Do you have a problem with the government, or with installing software? I can tell you right now you probably haven't looked at literally every single line of code that goes into your computer... one line is all it takes to lose it all ;)

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (98.254.xx.xx) on Mon 18 Jul 2016 at 13:23
Yeah I use it when I can for like my owncloud server and gogs.

I just wish let's encrypt allowed me to use terminal commands like "git clone https://git.joepcs.com:/myrepo.git&quot;

but IDK, I may be using it wrong. It doesn't worry me too much since like gogs its better if I use SSH anyways.

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (91.142.xx.xx) on Tue 18 Apr 2017 at 14:43
That's odd. I can use git cloning with let's encrypt certs just fine.

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (2.236.xx.xx) on Sun 7 Aug 2016 at 17:39
I don't think I need https

[ Parent ]

Re: Do you use let's encrypt?
Posted by AJxn (130.243.xx.xx) on Tue 31 Jan 2017 at 22:28
[ View Weblogs ]

Everyone that have a server needs to encrypt the protocol in use.

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (77.50.xx.xx) on Sat 17 Jun 2017 at 13:47
That's a blatant lie. You only need encryption when you pass sensitive data or need protection from eavesdropping.
If you run no interactive content that requires authorization, you hardly need HTTPS, and with current hysteria about it, people switching to HTTPS with not even a single bit of understanding are worse than those not using HTTPS at all.
Actually, in few years current "highly protected" setups built using various "how-to"s will be more vulnerable, than those not using HTTPS, just because they give their owners false sense of "safety", while in fact using weak chiphers enforced in config with no chance of escape.

[ Parent ]

Re: Do you use let's encrypt?
Posted by AJxn (95.140.xx.xx) on Sat 8 Jul 2017 at 21:48
[ View Weblogs ]

No, it isn't,and you should not use that language when you have not checked.

Just check what IEFT say about the subject in RFC 7435, "Opportunistic Security", you see they will no long approve the use of encryption as "all or nothing", but as "use as often as you can".

"Protocol designs based on Opportunistic Security use encryption even when authentication is not available, and use authentication when possible, thereby removing barriers to the widespread use of encryption on the Internet."

So you are just using old data, you should update to recent RFC:s.

https://www.rfc-editor.org/rfc/rfc7435.txt https://plus.google.com/+OlleEJohansson/posts/M4hu12VFaCS

And no, your comment will not be more true just because you post it twice.

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (77.50.xx.xx) on Sat 17 Jun 2017 at 13:47
That's a blatant lie. You only need encryption when you pass sensitive data or need protection from eavesdropping.
If you run no interactive content that requires authorization, you hardly need HTTPS, and with current hysteria about it, people switching to HTTPS with not even a single bit of understanding are worse than those not using HTTPS at all.
Actually, in few years current "highly protected" setups built using various "how-to"s will be more vulnerable, than those not using HTTPS, just because they give their owners false sense of "safety", while in fact using weak chiphers enforced in config with no chance of escape.

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (88.68.xx.xx) on Thu 18 Aug 2016 at 15:49
I don't like the way Let's encrypt works. That why I prefer supporting CACert.org and helping them to become approved by Mozilla instead of helping Mozilla build their monopoly.

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (66.199.xx.xx) on Wed 28 Jun 2017 at 15:53

hope you don't expect anyone to use your website then

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (80.215.xx.xx) on Sun 13 Aug 2017 at 22:38

My understanding of the 300 million dollar revenues of Mozilla got for 2016 over 90% came from google. in order to maximise profits . In a worldwide competition for workers it paid the least possible to developer not even access to the food& shelter the black salves had . Not surprisingly as such. clever governments treat Mozilla as a us corporation maximising money flows. or a subsidary of the our beloved big brother google. I just tried once to recompile Firefox on windows(mingw) the files mozzila calls source .no makefile no project files ??? I would have been ok just with configure files. Android is even worst downloading 100gb of junk to finally realise for security reason you can reinstall the custom build software on your phone Can we ask how much mozilla paid the open source fondation for the open source certification ? I am using the least i can of my beloved big brothers Goggle softwares . Don&amp;amp;#39;t expect this encrypt stuff on my machines as long as the google monopoly is cut in pieces so we can clearly see the size and extend of the control over the world freedom . Looks like it time to revert to the old monopoly that served us quite well from 1975 to 2000. I still have sources i wrote back then that still works in production with ridiculously low maintenance cost and labor . The valley money ie Google..... spoiled the movement. Could it be that forcing corporation to pay $400 per certificate that expires in no time usually 1 years. Would beat the total technology expenses of individuals .

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (176.36.xx.xx) on Sat 3 Sep 2016 at 12:03
I don't really like the way it gives certificates. StartSSL is better IMHO

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (107.5.xx.xx) on Sun 13 Nov 2016 at 09:32
StartSSL is not trustful anymore since acquisition by China's WoSign CA.
Mozilla already block both WoSign and StartSSL and Chrome on a way to do the same.

read here:
https://tech.slashdot.org/story/16/09/26/2028215/mozillas-propose d-conclusion-game-over-for-wosign-and-startcom

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (89.87.xx.xx) on Mon 26 Sep 2016 at 10:53
I stick with Cacert.

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (24.56.xx.xx) on Sat 31 Dec 2016 at 10:17
letsencrypt learning curve can be high, but the payoff is great and the code is easily audited. If you still don't like it there are plenty more available ACME clients that can get you certs. It's a good service and is worth the time to learn, even if it doesn't support everything (including wildcard(!) domains, which may be a deal-breaker for some; support is still ongoing).

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (94.65.xx.xx) on Tue 10 Jan 2017 at 11:25
I've tried to install it but failed... So, I'd honestly say my incompetence is hindering me.

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (91.61.xx.xx) on Wed 1 Feb 2017 at 21:48
We make great use of letsencrypt certificates, expecially for encrypting developer domains like engine.car.thomas.example.com. We can create a multidomain certificate easily for the development servers using Saltstack. There is the public letsencrypt formula available:
https://github.com/saltstack-formulas/letsencrypt-formula
Personally I prefer this letsencrypt formula, as it lets you configure hooks, for example for gitlab to "gitlab-ctl stop" and "gitlabctl-start" before and after renewing the certificates:
https://github.com/blunix/formula-letsencrypt/

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (101.167.xx.xx) on Sat 11 Feb 2017 at 13:48
I using it in everywhere I can.

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (83.20.xx.xx) on Tue 25 Apr 2017 at 18:34
Only startssl

[ Parent ]

Re: Do you use let's encrypt?
Posted by AJxn (95.140.xx.xx) on Sat 8 Jul 2017 at 21:58
[ View Weblogs ]

I used too, but not any more. Please read the link in another thread about why.

And letsencrypt doesn't try to make any garanties, even though they try to verify owner of what they sign. They try to make certificates that passes web browsers and are a bit better then Snake Oil certificates.
And encrypt are delivering on that.

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (154.70.xx.xx) on Sat 6 May 2017 at 14:50
I would but I don't have a server and my webhost won't let me install the Let'sEncrypt scripts.

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (108.49.xx.xx) on Sun 21 May 2017 at 02:04
Get your support for Alpine in order, Let's Encrypt! Anyone who's anyone puts their web services in docker containers, and anyone who's good at that uses alpine as a base image.

[ Parent ]

Re: Do you use let's encrypt?
Posted by Anonymous (2003:0xx:0xx:0xxx:0xxx:0xxx:xx) on Fri 8 Sep 2017 at 19:36

Yes, I use Let's Encrypt, because it's the best, easiest and free way to get a certificate for your web page, and encryption means user friendly

[ Parent ]