New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
AFAIK that is only for the automatic Apache plugin, using the standalone method should still work.
Let's hope the project will go well and give options for longer periods when the things hits stable.
So I tried it today.
lighttpd isn't supported yet.
Nginx plugin doesn't work for me. Will lock into this next week.
Apache works fine.
BTW:
Depends on your shipping process of the certificate. If we talk about browser based services, yes you could face a mitm attack, but that attack also has to be persistent to work.
use webroot authentication. It works with any existing web server as you just have to pass the public web root path to your domain then manually or script your nginx or lighttpd web server's ssl certificate file setup
Facebook is a gold sponsor
I see, I need to do some more reading then lol.
x
gethttpsforfree.com- A browser-based client. No installation needed and no private keys are asked for!
letsencrypt-nosudo- Python script that doesn't ask for private keys, sudo access, or have to be run on your server.
acme-tiny- A <200 line python script that can automatically issue and renew Let's Encrypt certs. It has access to your private keys, so I made it tiny and auditable. You can use this in a cronjob to renew certs automatically!
Source
I couldn't care less because I'm not using it. I was just interesting if the would really push it today or find another excuse but they did it.
I can't stand facebook.
it is one of my favorite things to do - look at hot girls and look what my friends do
Star Craft 2 Latest Game is Out
I need a medic :P
so.. is there an easy way to just get a fucking certificate, nothing else? I run nginx but don't want it to change anything whatsoever. I really just want a certificate.
Yes, I'm assuming scenarios where there is no secure channel to communicate the channel over - after all, that's the problem the CA model aims to solve to begin with.
An attack has to be persistent to some degree; if snooping is required only for a limited amount of time and it's not a problem to be noisy, you only need to serve the malicious certificate for as long as your snooping operation is ongoing. After that, the user will see a warning - but by then, you've completed your snooping anyway.
Alt Client: https://github.com/kuba/simp_le
Browser Based ACME: https://gethttpsforfree.com/
awesome !!
I will try those guys on a personal domain.
@netomx don't forget to thank my post!
FYI - Let's Encrypt intermediate not accepted by Chrome and IE8 on Windows XP
https://github.com/letsencrypt/letsencrypt/issues/1660
https://community.letsencrypt.org/t/frequently-asked-questions-faq/26
Fuck them all to death!
Did not know. Will not buy. Thanks.
Here you go and do not bother with this 90 day bullshit.
Thanks @rm_ . I'm new to certificates. Is there a quick and dirty howto somewhere just to lift me off the ground?
Go with Comodo Positive 90 days trial, it's free and full working too. And recognized by 99% browsers.
Just in time almost forgot, my comodo ssl expiring tomorrow, gonna renew it
Captain Obvious mode on.
I am talking about very simple process of obtaining CA root certificate, when not installed in browser/OS already, verifying its authenticity and installing.
Captain Obvious mode off.
FYI get your ciphers straight and it will support even Windows XP IE8.
who uses XP these days to be honest ? xp is a legacy but its a past now.
If anyone wants a TL;DR:
Download from github and use webroot https://letsencrypt.readthedocs.org/en/latest/using.html#webroot to just get a certificate and not fuck up your configs.
I just wish it would not make any changes to the server (python stuff blah?). Have yet to find a three-line explanation about what the script actually does and how to remove any traces of it
need to use ./letsencrypt-auto and not "letsencrypt"
What web software is their community forum running at? Very curious as it seems to be really good