On Tuesday 07 Feb 2017 11:20:12 Paul Tansom via Hampshire wrote:
> ** Imran Chaudhry via Hampshire <hampshire@???> [2017-02-07 07:52]:
> > +1 for letsencrypt.org - I recently switched to HTTPS for all my
> > hosted server domains and was very happy to find a "letsencrypt"
> > package for Debian that automated the entire process. It even
> > auto-renews the cert for you.
>
> ** end quote [Imran Chaudhry via Hampshire]
>
> Seconded, I've been using Letsencrypt for a while now (just checked and it
> looks as though I signed up back in November 2015), and I've had no problems
> in that time. I used to use StartSSL and the manual renewal and install was
> a pain, particularly if you'd managed to let your personal account
> certficate expire and lost access to the certificates you already had
> (thankfully I managed to merge the accounts I had when they did a system
> upgrade a while back).
I'm also using Let's Encrypt, and I'm really happy with it. I've had two
issues with it though.
First, was that my original websites were behind a proxy/firewall that
didn't allow HTTP (only HTTPS) access, and the auto-setup didn't work due
to not being able to call back. I've since moved away from that setup,
and with a more normal environment it all worked first time.
Second, was that if you install the script manually, and run the cron
with the recommended --no-self-upgrade option, then it doesn't update
itself. I have had it fall far enough behind that the script then stops
working and fails to update your certificates. Running it manually
without the --no-self-upgrade flag fixed that relatively quickly, but
I need to make sure the script gets updated regularly.
--
Be seeing you, Games: http://www.glendale.org.uk/
Sam. Posts: http://www.google.com/+SamuelPenn
--
Please post to: Hampshire@???
Web Interface:
https://mailman.lug.org.uk/mailman/listinfo/hampshire
LUG URL:
http://www.hantslug.org.uk
--------------------------------------------------------------
