a thoughtful web.
commentspostsbadges
Good ideas and conversation. No ads, no tracking.   Login or Take a Tour!
comment by iza
iza  ·  2928 days ago  ·  link  ·    ·  parent  ·  post: Lets Encrypt SSL

The main downsides of Let's Encrypt are:

- Certs expire after only 90 days, so you pretty much have to automate the process

- No wildcard certs

- No "extended validation"



markup tips  ·  0


AlderaanDuran  ·  2928 days ago  ·  link  ·  

    Certs expire after only 90 days

Yeah... that's a deal breaker for a company my size. Just on my two web apps I probably have 100+ certs and we do two year rotations. Yeah it's mostly scripted for the replacement, but I still gotta get on during a late night maint window, do a rolling release through the load pool, have QA smoke test each server, then do a pool smoke test, yada yada.

Not worth it. 90 days is far too fucking short. That introduces too much risk into an environment.

thank you for the info though!

+discuss+discuss
about
tutorial
faq
rss
tmi
random
privacy & terms
weather
donate
login