Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I'm not going to give them credit for the work that Lets Encrypt did.


I agree, Let’s encrypt and ACME played a massive role. But it’s still far easier having Cloudflare handle TLS encryption for you.

And i say this as someone who uses ACME in certmanager and certbot at home and still prefers the ease with which Cloudflare generates a cert for my domain and terminates TLS for the public side of my cloudflare tunnel.


For my home stuff I just use nginx-proxy-manager and haven't thought about it since I set it up a couple of years ago.

For work, I used to use certbot directly at my old place. Now I am building my new stuff on k8s, and I have the ingress manage my certs for me (likely using certbot or similar behind the scenes). Both have been extremely low setup effort and no ongoing effort.

I don't like giving Cloudflare my (or my companies/customers) data in exchange for being able to click a checkbox.


Lets Encrypt can proxy my old http only website to show as https? Without access to server configuration? How?


With nginx-proxy-manager which uses Let's Encrypt for certs you can... This isn't the gotcha you think it is.


I don't have access to the server.


It can be run anywhere. You don't need it on the same server. Cloudflare isn't running on the same server either.


Cloudflare is a checkbox.


And you only let them see every bit of traffic to and from your site in exchange.

What a deal.

You changed the subject btw.


I didn't. I said that Cloudflare is the one that allowed my http only site to become https.


My bad! I slightly confused my timeline. CF offered free certs long before LE!




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: