Why does it have to be the same cert on every host? Use a separate cert for each and automation will be much easier.

With Let's Encrypt, you don't need to minimize the number of certs just to save some money.

I'm just saying how I'm running things now. Totally open to better ways. Right now I pay $135 for a two-year wildcard cert (very small business here). It takes 1 hour of my time to update the cert for all these applications. 1 hour of time and $135 every two years is not a lot. When I take a cursory look at how to reliably automate Let's Encrypt across all applications, there are people who have created scripts that help, but it does not give me reassurance that everything will run smoothly every 90 days. I am waiting for Let's Encrypt to get first-class support in Dovecot, Postfix, Pure-FTPd, and IIS, so it can be set and forget, and I know long-term support will be there.

