
Get Let's Encrypt Cert in Five Minutes - kaienkira
https://github.com/kaienkira/acme-client-quick
======
chrsstrm
Why is this better than Certbot, which has more options and more support? Set
up a daily cron to run the certbot-auto `--renew` flag and forget about it.
Done.

[https://certbot.eff.org/](https://certbot.eff.org/)

~~~
lorenzhs
The Debian package is even more convenient, it sets up the cronjob
automatically (with a random delay to prevent everyone from hitting the
servers at the same time). It's even quicker to set up.

~~~
chrsstrm
Is this a new-ish feature or did I just not read the docs thouroughly when I
first used it almost a year ago? Thanks for the tip either way.

~~~
guitarsteve
Same here, I just set up LetsEncrypt for a second site last week and didn't
know this. From a glance at the docs it looks like it's relatively new. Ubuntu
16.10 has the automatic cron setup but not Ubuntu 16.04 which is what I used.

~~~
chrsstrm
That's strange. I swore last year I would never use a non-LTS version for a
server. Unless I'm missing something, it seems to be more headaches than it is
worth to roll with the XX.10 vs XX.04.

------
makefu
on nixos it is:

    
    
        services.nginx.virtualHosts."myhost.org" = {
            enableSSL = true;
            enableACME = true;
            root = "/var/www/myhost.org";
        }
    

Put that in your host configuration and the nginx will be configured to start
up the nginx with SSL enabled. All other locations required for the acme
request are automatically configured. Systemd timers are also added for
automatic renewal. IMHO it does not get any better than this.

edit1: no extra location required

~~~
Filligree
More complex configurations are possible as well, of course:

[https://github.com/Erisia/Madoka/blob/master/configuration.n...](https://github.com/Erisia/Madoka/blob/master/configuration.nix#L207)

------
jaredklewis
A little off topic, but I somehow missed until recently that AWS cert manager
will give you free, auto-renewing SSL certs for use with AWS. Just another
free, convenient SSL option.

------
marcusbrown
What about using Forge instead
([http://forge.laravel.com](http://forge.laravel.com))? I know it's not free
but for 10$/month you can get Let's Encrypt cert in 20 seconds and tons of
more features (server provisioning with really good security setup and all the
tools you need).

~~~
natch
$10/month? I prefer $0.30 per month at
[http://nearlyfreespeech.net](http://nearlyfreespeech.net), but Forge does
look cool for when I need those features. Thanks.

~~~
pooper
Not to pile on but it is not $10. It is $15 / Month for individuals and $30 /
Month for teams.

and that is on top of however much it costs you to run a vps on Digital Ocean
or Linode or Amazon.

[https://forge.laravel.com/](https://forge.laravel.com/)
[https://forge.laravel.com/features](https://forge.laravel.com/features)

It is worth taking a look if you don't enjoy setting up machines.

------
angry-hacker
What about SNI?

