[TriLUG] Server Certificates and Wild Cards
Igor Partola via TriLUG
trilug at trilug.org
Tue Jan 31 12:31:00 EST 2017
>
>
> So, what happened to cacert?
>
>
CAcert.org is a valiant attempt, but their root certificate is not included
in most (all?) major browsers, so it's all but useless for real world use.
AFAIK, they also don't have an API or a protocol for automatically
re-issuing certs, which LE does.
I should also have mentioned that there are two more ways I know of to get
production TLS certs. One is if you use AWS. Their EC2 load balancers can
use certificates issued by the AWS Certificate Manager, which provides free
certs to the domains you own.
The other is through CloudFlare, which provides other benefits (and
drawbacks) as well. Be wary of this option since they have potential for
insecure setups, and also they become your DNS provider, potentially
introducing various issues into the mix. This is for advanced users that
want CloudFlare for other reasons, and the free TLS cert is a nice bonus.
Igor
More information about the TriLUG
mailing list