I started using Let's Encrypt recently. It is as good as they say it is.
Let's Encrypt allows you to get free SSL certs for your site, provided that you can prove that you own the domain. They do this by putting a nonce into your webroot, which they then pull via http. The whole process took all of 30 seconds, and that includes the install of the actual software.
$ sudo pkg install py27-letsencrypt-0.1.0 $ sudo letsencrypt --webroot -d example.org --webroot-path \ /usr/local/www/data/example.org certonly
I was blown away by how easy it was.
Did I mention the certs are free?
The certs have an expiration date of 3 months, which is fine since they are free (free!) and can be easily renewed, I've heard reports of people re-generating them from scripts in cron.
This is great news. This basically means we can slap SSL certs on pretty much everything, and that's a good thing. Like this blog for example. Hmm...be right back.