Follow-up on @letsencrypt: I am not so optimistic about it as the folks who replied to my previous inquiry. It seems pretty unstable (for example, they just broke all currently installed versions on the 9th!), and a lot of stuff doesn't even work out-of-the-box...
-
Show this thread
-
Since certificates are updated every 90 days, and failing to get an updated certificate would effectively take down your site, I'm really uncomfortable using something like this for security... it seems unreliable and not designed for guaranteed uptime?
3 replies 0 retweets 2 likesShow this thread -
Add that to the fact that its not really a compact, clean executable, but a sprawling mess of Python scripts, and I'm just not getting that positive vibe :( It seems like this will _add_ failure points into the process rather than removing them.
8 replies 0 retweets 7 likesShow this thread -
Replying to @cmuratori
There are definitely "compact executable" clients for Let's Encrypt - https://github.com/google/acme is one. Also, you can renew weeks before expiry date, so even if Let's Encrypt goes down, you can just try again later.
1 reply 0 retweets 0 likes -
Replying to @K900_
It's not that Let's Encrypt goes down - it's that your _client_ may be rejected, as happened in January. At that point, you have to have planned ahead and had some way for your Let's Encrypt cron job to _email you_ and let you know this, so you can go manually update it!
4 replies 0 retweets 0 likes
That is just not a sane thing to be happening in the supposedly automated security part of the subsystem, IMO, so I am sticking with predictably installed 3-year SSL certificates.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.