Let's Encrypt SSLs
29 Feb 2016A couple of months back, I went through the process of trying out Let’s Encrypt to setup some SSL certs for my various little sites. Do my sites really need encryption? No. But, at this point, it’s easy enough to setup an SSL cert, and I’d rather my sites pass their data securely, even if no one cares what goes on between my site and your browser. I’m not storing credit cards or capturing info about my visitors (beyond the analytics Google captures), but in a world where the government is increasingly looking for ways to get at the data of citizens, why not do it.
Plus, it’s free.
It’s a little bit of a challenge to get setup if you’re not already used to mucking around with server management. The newer versions (as of this moment, 0.5.0) make things much easier, but you’re still going to need to be at least familiar with git, python, and sudo.
Once you’ve gotten certs and gotten your servers configured, you just need to remember that these certs expire every 3 months, unlike yearly (or longer) for more traditional certs. Currently, you’re on your own to renew them, but it sounds like they’ll be building out renewal scripts to make it easy.
SSL certs are already reasonably inexpensive (providers like Comodo often sell them for less than the cost of your annual domain renewal), but the ability to get certs for any number of subdomains for free is pretty compelling. Once the automation is in place, they’ll be almost no reason to run a server without https.
(Of course, Let’s Encrypt could be a big government ploy to get everyone to install free certs that they have the key to, and they’ll be able to eavesdrop on all of us with ease.)