[Cialug] LetsEncrypt ONLINE!!

matt at itwannabe.com matt at itwannabe.com
Wed Dec 9 18:31:41 CST 2015


Since I was just rebuilding my mail server, I decided to try this out.  Using Ubuntu 14.04 and its version of Apache, even with a custom virtualhost config, running letsencrypt with the apache plugin set my webserver up automatically.  I just had to point postfix and dovecot to the location letsencrypt uses for certs/keys.  I guess I'll just have to run letsencrypt again when the certificate expires.

If you're using a supported distro and daemon, everything is totally automatic, which caused me to test everything over again in disbelief.  It really does work, though, and I'm blown away with how easy it was.

-- Matt (N0BOX)

Sent from my android device.

-----Original Message-----
From: Dave Hala <dave at 58ghz.net>
To: Central Iowa Linux Users Group <cialug at cialug.org>
Sent: Wed, 09 Dec 2015 7:07 PM
Subject: Re: [Cialug] LetsEncrypt ONLINE!!

If its not automated on your distro, it looks like a hassle.


On Wed, Dec 9, 2015 at 5:49 PM, Matthew Nuzum <newz at bearfruit.org> wrote:
> Is it a good idea for the CERT to be cycled more often then 90 days?
> Obviously you wouldn't wait until the 90th day to renew it, but what about
> every 30 days?
>
> On Wed, Dec 9, 2015 at 11:25 AM Todd E Thomas <todd.dsm at gmail.com> wrote:
>
>> I'm kinda jazzed about this; been waiting since (I think) Jim shared it
>> with the group.
>>
>> As a note, it should be taken into consideration *they favor a 90-day
>> cert*.
>> The reasons for this are explained in their blog
>> <https://letsencrypt.org//2015/11/09/why-90-days.html>. They've gone out
>> of
>> their way to make certs automat*able* - finally.
>>
>> So, given that certs can be (easily?) automatically swapped-out every
>> 90-days, the re-cracking (by the NSA, random knuckleheads, etc) would start
>> over again with each new cert.
>>
>> Nice.
>>
>> TT
>> _______________________________________________
>> Cialug mailing list
>> Cialug at cialug.org
>> http://cialug.org/mailman/listinfo/cialug
>>
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
_______________________________________________
Cialug mailing list
Cialug at cialug.org
http://cialug.org/mailman/listinfo/cialug


More information about the Cialug mailing list