
Let's Encrypt has issued its first million certificates - thejosh
https://www.eff.org/deeplinks/2016/03/lets-encrypt-has-issued-million-certificates
======
StavrosK
> It is clear that the cost and bureaucracy of obtaining certificates was
> forcing many websites to continue with the insecure HTTP protocol

I never realized this so clearly, but it's true. The biggest hindrance to
security until LE was that certs were expensive and hard to install. I don't
think it was so much the former as the latter. I'd gladly pay 10% more for my
cert if it meant my server could renew automatically without me touching it at
all.

Then again, for small things, like my home computer that I want to access some
stuff on but don't want to pay $10 for, self-signed was fine, so I guess the
price was a problem, to a degree.

~~~
nly
I personally find the hassle of installing, configuring and, crucially,
_testing_, both LetsEncrypt's scripts and an accompanying cronjob, much more
work and worry than a static nginx ssl config.

~~~
tokenizerrr
What are you talking about? My nginx ssl config is static as well. It looks at
a specific path for my certs, which just happens to be a symlink managed by my
letsencrypt tooling.

You're going to have to renew anyway. Previously you would have to remember to
do that once a year, or maybe once every two years. Now let's ignore the
security implications of having certificates that are valid for a year for a
moment, and just focus on the actual work. Every year, you have to request a
new certificate, wait for your certificate authority, upload the new
certificate to the server, reload your webserver, check if everything works.

With LE, you do all of that once. You set up the tooling and the cronjob once.
You make sure it works once. And you're done. No more hassle.

~~~
nly
"Once" assuming nothing randomly breaks while you're not looking. What if your
cronjob doesn't fire? What if LEs script has a bug and you're not up to date?
What if one of the (Python?) dependencies has a bug or breaks? What if LEs
servers are being DDoS'd? Can you enumerate and account for _all_ the failure
scenarios? I've already botched things with acme-tiny & LE in several different
ways.

I'm not claiming these risks are that significant, but given that LE takes
just as much time and effort for initial set-up as a standard multi-year cert,
if not more, I think the mantra "some risk of failure is more risk of failure
than no risk of failure" is something worth bearing in mind.

And I'm not convinced having 90 day certs is a huge security win. Not only can
someone do a lot of damage in 90 days, but your private key (the important
bit) can't be rolled every 90 days anyway without integrating your rollover
scripts with your HPKP config. If you botch _that_ then your visitors can't
come back to your website until the pin expires. Scary. Site ending scary. And
if you're not using HPKP then I'm not even going to debate the security pros
and cons.

On remembering to renew certs... there are many many services out there to
send you reminders. Pick 2 or 3 and use them all. Or use a CA that sends
reminders.

I'm glad LetsEncrypt exists, but let's not treat it like the be-all-and-end-
all.

~~~
_yy
> What if your cronjob doesn't fire? What if LEs script has a bug and you're
> not up to date?

That's why I renew them a week in advance. I set up Nagios checks which alert
me when a certificate is not renewed. Those were already in place before
LetsEncrypt since human error is just as likely as a script breaking.
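
An added example, not from the post above and not part of any Let's Encrypt tooling: a Nagios-style check that reads notAfter straight out of a DER certificate with a minimal ASN.1 walk and reports OK/WARNING/CRITICAL by days remaining, so a renewal cronjob that silently stopped firing is noticed before visitors are. The 14/7-day thresholds and the unsigned certificate skeleton it builds as sample input are assumptions constructed for illustration.

```python
import datetime as dt

def _tlv(buf, pos):
    """Read one DER tag/length at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def _der(tag, body):
    """Encode one DER TLV (short or long-form length); used only to build the sample."""
    if len(body) < 128:
        return bytes([tag, len(body)]) + body
    lb = len(body).to_bytes((len(body).bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body

def cert_not_after(der):
    """Walk tbsCertificate to validity.notAfter; return it as an aware UTC datetime."""
    _, pos, _ = _tlv(der, 0)           # Certificate ::= SEQUENCE
    _, pos, _ = _tlv(der, pos)         # tbsCertificate ::= SEQUENCE
    if der[pos] == 0xA0:               # optional [0] EXPLICIT version (absent in v1 certs)
        _, _, pos = _tlv(der, pos)
    for _ in range(3):                 # skip serialNumber, signature, issuer
        _, _, pos = _tlv(der, pos)
    _, pos, _ = _tlv(der, pos)         # validity ::= SEQUENCE { notBefore, notAfter }
    _, _, pos = _tlv(der, pos)         # skip notBefore
    tag, start, end = _tlv(der, pos)   # notAfter: UTCTime (0x17) or GeneralizedTime (0x18)
    fmt = "%y%m%d%H%M%SZ" if tag == 0x17 else "%Y%m%d%H%M%SZ"
    return dt.datetime.strptime(der[start:end].decode("ascii"), fmt).replace(tzinfo=dt.timezone.utc)

def check_expiry(der, now_iso, warn_days=14, crit_days=7):
    """Nagios-style (exit_code, message) by days left; the thresholds are assumptions."""
    now = dt.datetime.fromisoformat(now_iso)
    days = (cert_not_after(der) - now).total_seconds() / 86400
    status = 2 if days <= crit_days else 1 if days <= warn_days else 0
    return status, f"{('OK', 'WARNING', 'CRITICAL')[status]} - certificate expires in {days:.1f} days"

def sample_cert(not_after_iso):
    """Constructed, unsigned certificate skeleton with the given notAfter (test input only)."""
    not_after = dt.datetime.fromisoformat(not_after_iso)
    utc_time = lambda d: _der(0x17, d.strftime("%y%m%d%H%M%SZ").encode())
    validity = _der(0x30, utc_time(not_after - dt.timedelta(days=90)) + utc_time(not_after))
    tbs = (_der(0xA0, _der(0x02, b"\x02")) + _der(0x02, b"\x01")        # version v3, serialNumber
           + _der(0x30, b"") + _der(0x30, b"\x00" * 200) + validity)    # signature, issuer (long-form length), validity
    return _der(0x30, _der(0x30, tbs))

if __name__ == "__main__":
    print(check_expiry(sample_cert("2016-06-07T00:00:00+00:00"), "2016-03-09T00:00:00+00:00"))
```

On a real host, feed `cert_not_after` the DER bytes of the live certificate (for example the first block of fullchain.pem, base64-decoded) and wire the exit code into the monitoring system of your choice.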

~~~
guan
I renew every month and have not hit their rate limits. That way, even if the
cron job doesn’t fire and I don’t notice, there is another chance a month
later.

------
XorNot
The default LE client was kind of a pain to work with. The docker container
was better but where it really helped was the Lego golang implementation. That
one 'just works' and was super easy to set up behind nginx to run
automatically. It also writes a nicer config dir.

~~~
metachris
acme-tiny is another good and simple client, which I personally prefer.

I've recently compared 10 different Let's Encrypt / ACME clients:
https://www.metachris.com/2015/12/comparison-of-10-acme-lets-encrypt-clients/

~~~
labster
In your review, whenever I click a "show output" link, it navigates to another
page containing only "[object Object]". Can you change the href to be an
onclick attribute or something like that?

~~~
metachris
Thanks for the suggestion, I'll update the post tonight. Didn't notice /
cannot reproduce - it seems to work for me in all browsers.

------
kardos
So what does this mean for the incumbent CAs? Are we going to see a lot of
consolidation in that area?

At a first glance it looks like LE has neutered the DV cert business. How much
of their revenue is up for grabs here... how strong is the incentive to pursue
extra-legal means of killing off LE? (Such as by stealing and leaking their
signing keys...)

~~~
trentmb
My limited understanding: LE certs only say that the data sent between you and
the server is encrypted, while traditional CAs also tell you 'who' that server
belongs to.

So, your connection to trentmb.org may be secure, but it may not be this
trentmb you're exchanging data with. Traditional CAs claim to do some sort of
ID verification.

EDIT: I am very wrong.

~~~
kardos
It looks [1] like some CAs depend heavily on DV certs (GoDaddy) while others
do not (Digicert).

[1] http://www.netcraft.com/internet-data-mining/ssl-survey/

~~~
Kadin
Interesting. I wonder how critical to GoDaddy's business the certificate sales
are, or if they're really just a sideline to their core hosting business.

------
ngrilly
I hope that Let's Encrypt will be able to issue wildcard certificates at some
point.

~~~
merpnderp
That would be nice, but with it being so easy to get a certificate, you could
just add a new SSL cert when you add the new subdomain.

~~~
currysausage
If there only wasn't the limit of 5 certificates per domain per week [1].

[1] https://community.letsencrypt.org/t/rate-limits-for-lets-encrypt/6769

~~~
ChristianBundy
When it comes to rate-limiting, example.com and foobar.example.com are treated
as completely separate domains.

~~~
currysausage
That would be pretty awesome, but it's not how I interpret the following:
"This limit measures certificates issued for a given combination of Public
Suffix + Domain (a 'registered domain')."

Do you have a source?

------
bpicolo
Set up my first let's encrypt just a couple days ago. Was incredibly painless
to then go add some subdomain certs.

Here's hoping for wildcards some day : )

~~~
lucb1e
Just to be sure, are you aware you can supply an infinite amount* of
subdomains to be signed? If you need a finite and determined set of
subdomains, that's totally possible.

* Well, I'm sure there's a limit, I just heard it's more or less unlimited.

Edit: A bit further in the thread I read a limit of 100 per cert, except you
can only register or renew a few per day. Never mind that being unlimited,
then.

------
pingec
Do their certificates still expire in only 90 days? That makes them very
unappealing to me :/

Edit: I understand and agree on why they made it like this. But automating it
is not an option in my use case, oh well... I agree it's for the better in the
grand scheme of things :).

~~~
Ao7bei3s
You're supposed to automate renewal.

Since v0.4.0 all it takes is a "letsencrypt renew && apachectl graceful" in a
daily cronjob (or, preferably, systemd timer), it handles the rest. Tweak as
you like.

~~~
jqueryin
Assuming you use Apache. For many, it's simply not a fast enough web server
without reverse proxies in front of it.

Still crossing fingers for full nginx support soon.

~~~
nkuttler
I don't know, I don't want letsencrypt to touch my config files. It just works
fine without that "magic" anyway if you're willing to add a few lines to a
config file.

~~~
ptaffs
I agree, but I think the LE target audience is not you. Their whole thing is
to be easy and use the "magic", to get the people who don't want to buy a
certificate or deal with the config files, onto good encryption. I'm their
audience and now my low-power volunteer run FM radio station website has HTTPS
with a recognised CA.

------
Sir_Cmpwn
Given that LE does certificate transparency, would it be possible to find out
what their millionth certificate was?

~~~
nly
CT doesn't seem that transparent. crt.sh only shows the certificate for one of
my domains, despite them all having certs issued by the same CA on the same
day. Go figure.

~~~
svenfaw
Interesting. Are you comfortable with mentioning the domain name(s) here?

And for the record, here is the millionth LE cert in all its glory:
https://crt.sh/?id=14392504

~~~
nly
> Are you comfortable with mentioning the domain name(s) here?

Not to just anyone, no. The certificates aren't all in service for HTTPS,
which might explain some of it, but I don't know.

------
igravious
Super! Just set up my first secure website with Nginx.

Absolutely simple. Literally the only way it could have been easier is if
letsencrypt had been installed on my Centos 6.7 box but it was only a `git
clone` away.

---

1) Stop the web server.

2) ./letsencrypt-auto certonly --standalone -d _my_domain1_ -d _my_domain2_
... At the curses prompt give it your contact email address, and accept the
licence

3) Edit nginx.conf - Change all `listen 80`s to `listen 443`s. Add the
following commands

    # nginx only speaks TLS on a listen block that carries the ssl parameter,
    # i.e. "listen 443 ssl;" (or the older "ssl on;"), not a bare "listen 443;"
    ssl_certificate /etc/letsencrypt/live/_my_domain_/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/_my_domain_/privkey.pem;

    # bump up protection
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';


4) Start the web server

5) Doh! Go through website changing hardcoded http:// links to
protocol (scheme) relative links //. See here:
https://www.paulirish.com/2010/the-protocol-relative-url/

6) Restart the web server

---

Ok. It doesn't seem that simple now that I say it but it was easier than
wrestling with Apache and rewrite rules :)

~~~
nickik
I had no experience with Nginx and doing the 80-443 redirect was pretty simple.

    server {
        listen 80;
        listen [::]:80 ipv6only=on;
        server_name www.mydomain.com;
        return 301 https://$server_name$request_uri;
    }

------
kriro
Their certificates over time graph looks hockey stick-ish. Very good sign :)

------
pkaye
How useful is this for a home server where there is no domain name registered?
Can it be configured for my local secure web server?

~~~
Buge
You need a domain name registered. Otherwise what would they issue the
certificate for? You could buy a domain though, then have a local dns resolve
it to your own machine.

Alternatively you could use a self signed cert and sign it to localhost or
whatever, then configure all your browsers to trust this certificate.

~~~
pkaye
Is it possible to do without Chrome complaining about the validity of the self
signed cert?

~~~
singlow
If you have a registered domain and get a DV cert from LE or anywhere else,
chrome will not complain about the cert. If you self-sign it, chrome, or any
other browser, will complain, unless you add your own CA to the trusted list
on each device.

~~~
lucb1e
> If you self-sign it, chrome, or any other browser, will complain, unless you
> add your own CA to the trusted list on each device.

You say it like "any browser will complain unless you modify the device", but
in Firefox you can just add it to the local trust store. They manage their own
so that works just fine.

Many applications actually allow you to permanently accept a certificate
(heck, SSH) which then alerts you if it changes. It is actually reasonably
secure if you aren't on an insecure network the first time around. Just Chrome
keeps complaining annoyingly.

------
ohitsdom
I host many small sites on a $10/month shared server with a typical LAMP stack
host. Unfortunately, SSH access is limited so I keep running into issues
getting Let's Encrypt running. Has anyone else run into any issues? Not
looking for step-by-step help, just wondering if I'm alone.

I have seen paid software promising to solve this [0], but I'd rather not pay
to get a free certificate.

[0] https://letsencrypt-for-cpanel.com/

~~~
thinkcontext
Get a shared host that supports Lets Encrypt, there are many.

https://github.com/letsencrypt/letsencrypt/wiki/Web-Hosting-Supporting-LE

~~~
techload
Crocweb is missing from this list.

------
Sodel
First of all, I love this.

One nagging thing in my mind, though, is how easy it seems it would be for a
Three-Letter Agency to backdoor LE to pieces. Then again, I guess that's
nearly just as true for any CA out there.

(I don't mean to pooh-pooh this useful service! And, if there's any
interloper-mitigation going on that I don't know about, I'd be happily put
straight!)

------
kn9
Certify for Windows IIS with autorenewal
https://certify.webprofusion.com/

------
siquick
What are the benefits of using LE over Cloudflares HTTPS?

~~~
icebraining
End-to-end security - even if the path between the client and CF itself is
secure & authenticated, you need a valid cert (like from LE) to secure &
authenticate the path between CF and your server - what they call "Full SSL
(strict)."

------
superkuh
LE is okay but the 90 day limit puts me off. It's so much easier to do a self-
signed for 10 years. The problem with self-signed certs isn't intrinsic to
them, it's a problem with browsers scaremongering for the lowest common
denominator.

For my mail server which only I use, my websites which only technical people
visit, etc, there's no reason to deal with the hassle of LE.

~~~
menacingly
Absolutely. Browser warnings actually make it sound like unencrypted
connections are preferable.

