## WebFaction / LetsEncrypt / General Disappointment

From: andrew cooke <andrew@...>

Date: Fri, 22 Jan 2016 13:28:45 -0300

I thought I better get with the times and add https support for this
site.  There's been a well-publicised campaign by EFF et al to support
free certificates, after all....

Well, it's not so rosy.

First of all, the certificates from https://letsencrypt.org/ last for
only 3 months (and there's a wonderful thread in their community pages
explaining how people that want more than that are useless as website

Second, more understandably, there needs to be some way of confirming
that the domain is indeed yours.  There are various ways to do this,
but for something like this site, hosted with WebFaction (who are
generally pretty good), this boils down to:

* Generating keys by hand
* Running a python script that prompts you to place a magic value
at a given location on the server
* Getting a certificate (when the magic value is read)
* Placing the files in an appropriate place on the WebFaction account
* Asking WebFaction to install the cert / key

And that has to be done every three months.

Ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha.

Andrew

https://tty1.net/blog/2015/using-letsencrypt-in-manual-mode_en.html
https://community.webfaction.com/tags/letsencrypt/