Let's Encrypt

SSL Certificate and Future Developments

Submitted by Scott Dowdle on Thu, 12/03/2015 - 18:05

The topic of the BozemanLUG meeting tonight is the Let's Encrypt project. Today I got an SSL certificate for this site from Let's Encrypt and I would like to encourage everyone to use the https version of this site. Your browser should love the new certificate and automatically accept it.

Ghosts of SSL Certs Past
I have used a free start.com SSL cert but it expired. Since then I've used a self-signed one as everything I do on the site is over https since I want to avoid getting my admin account credentials sniffed out over plain-text... but asking the rest of the world to accept my self-signed SSL cert? That's just too much.

Now that I have a good cert, I might force https at some point but not yet.

Future Developments
This site is ancient. The software running this site is ancient... and the distro it is running on is ancient. I hope to change that sometime after the new year. The limiting factor was a lack of public IP addresses... as I wanted to create a new OpenVZ container with newer stuff on a different IP address. In January we should have 5 additional IP addresses and I can at least get started on a new site while leaving this one running until the new one is ready. I'm not even going to guess when I'll be done enough with the new site so this old one can go away, but hopefully sometime in 2016. :)