[TriLUG] Server Certificates and Wild Cards
Lee Fickenscher via TriLUG
trilug at trilug.org
Tue Jan 31 13:08:43 EST 2017
Hey Igor,
Is the LE root cert included in major browsers?
-Lee
On Tue, Jan 31, 2017 at 9:31 AM, Igor Partola via TriLUG <trilug at trilug.org>
wrote:
> >
> >
> > So, what happened to cacert?
> >
> >
> CAcert.org is a valiant attempt, but their root certificate is not included
> in most (all?) major browsers, so it's all but useless for real world use.
> AFAIK, they also don't have an API or a protocol for automatically
> re-issuing certs, which LE does.
>
> I should also have mentioned that there are two more ways I know of to get
> production TLS certs. One is if you use AWS. Their EC2 load balancers can
> use certificates issued by the AWS Certificate Manager, which provides free
> certs to the domains you own.
>
> The other is through CloudFlare, which provides other benefits (and
> drawbacks) as well. Be wary of this option since they have potential for
> insecure setups, and also they become your DNS provider, potentially
> introducing various issues into the mix. This is for advanced users that
> want CloudFlare for other reasons, and the free TLS cert is a nice bonus.
>
> Igor
> --
> This message was sent to: elfick at gmail.com <elfick at gmail.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web : http://www.trilug.org/mailman/
> options/trilug/elfick%40gmail.com
> Welcome to TriLUG: http://trilug.org/welcome
>
More information about the TriLUG
mailing list