Information
Photography
Syndicate This Blog
Saturday, January 21. 2017
Let's Encrypt SSL Certificates
Let's Encrypt changes the game for SSL certificates. By combining free certificates with an effective mechanism for ensuring these certificates are legitimately issued, everyone running a site can now have a signed certificate. EFF's Certbot is a handy tool for allowing even novice administrators to easily maintain these certificates, with automatic renewal.
For companies with intranets, Let's Encrypt may not be suitable. The resolution protocol which proves out the site owner requires access to the dns or parent web server for a real domain. Regardless of registration method used, the addresses of these intranet sites are then publicly available via logs which anyone can see, which could be an issue in cases where it is important to keep these private.
Regardless of the caveat for intranets, this new option is a tremendous improvement over the previous state of SSL for many, and has particularly impressive use cases in cloud deployments.
For companies with intranets, Let's Encrypt may not be suitable. The resolution protocol which proves out the site owner requires access to the dns or parent web server for a real domain. Regardless of registration method used, the addresses of these intranet sites are then publicly available via logs which anyone can see, which could be an issue in cases where it is important to keep these private.
Regardless of the caveat for intranets, this new option is a tremendous improvement over the previous state of SSL for many, and has particularly impressive use cases in cloud deployments.
