Anyone else using free Let's Encrypt SSL certificates?


(Leland Fiegel) #1

Over the weekend I set up a free Let’s Encrypt SSL certificate on my personal blog. It was pretty painless to set up, and it automates a lot of the processes you would normally have to do manually.

It does require you to have SSH access to your server to install the Let’s Encrypt client. This is what confirms you’re requesting a certificate for a domain pointing to the same server, effectively validating domain control (most other certificate authorities use email instead).

If not, you need your host’s cooperation. I haven’t found many WordPress-friendly hosts supporting them besides SiteGround and DreamHost. Are there any others?

There’s some more information on setting up Let’s Encrypt with WordPress on the Delicious Brains blog.

If you set up a Let’s Encrypt certificate, how was your experience?


#2

Currently, I own certificates for all my domains, so did not switch yet, as don’t needed.
Just notice, for those who also use ServerPilot with Digital Ocean or other providers, there is just "one click’ fully automated Let’s Encrypt available.


(Leland Fiegel) #3

Nice, that’s good to know.

It also looks like Let’s Encrypt support is imminent in Trellis, according to this open pull request.


(Brian Ross) #4

Laravel Forge also supports Let’s Encrypt.


(Ben) #5

I’m using free ssl certificates from cloudflare. They also added automatic support for http2 if you’re using https.

Nice to see serverpilot support letsencrypt since I use them for a couple of sites and hadn’t realised they added support.


(Corey) #6

I’m using a few on Dreamhost, a few on Siteground and a few using Easy Engine So far so good. I will say though you should avoid using it if you are hosting a podcast on your site. iTunes doesn’t play well with LetsEncrypt and won’t validate your feed eventually removing it from iTunes.


(Russell Heimlich) #7

Let’s Encrypt has been a breeze on DreamHost and KeyCDN. One click and done. It’s awesome. SSL is such a no-brainer now and then you can take advantage of new features that are HTTPS only like service workers, HTTP2, push notifications etc.


(Ahsan Parwez) #8

Cloudways is soon going to add Let’s Encrypt on a single click. Installing SSLs will be easy on any domain.

As of now, one can manually install SSL certificates by Let’s Encrypt. Expected date to be added is 30th March.


(Dave Matthews) #9

Yes, we rolled out our integration with Let’s Encrypt on the public beta launch day. All you have to do is pick your domain, accept the Let’s Encrypt’s Terms of Service and your certificate will issued in a few seconds, and then renewed automatically every 60 days.

Our implementation is written in Python, and even though we based a lot of our code on the official LE client, it’s still a custom set of scripts triggered by our internal jobs system.

The main pain point so far is lack of support for Windows XP, but according to the LE’s GitHub repo, that should be sorted out pretty soon.


(Jesse) #10

We are still using OpenSSL (via Nginx) for all our hosting clients at LittleBizzy

Paired with CloudFlare’s free Comodo-signed SSL, it works perfectly and validates with iTunes or any other third party application, plus helps avoid the possibility of Man-in-the-Middle Attacks.

If anyone wants to try OpenSSL you can try this Nginx setup:

@petercralen good to know that ServerPilot supports Let’s Encrypt now –

@BinaryMoon Keep in mind the connection between your origin server and CloudFlare is not encrypted if you are using their Flexible SSL feature (i.e. without OpenSSL, etc).


(Ben) #11

Thanks for the tip. Hadn’t considered that.

To be honest I am using it purely for Google. My site doesn’t have any user input/ logins (beyond the WordPress login) so I don’t consider it a big problem. Something for me to keep in mind if I do something more complex though!