[BlueOnyx:18721] Re: SSL Certificates (via Let's Encrypt) - available for 5209R

[Tigerwolf]

On Sat, 5 Dec 2015, Michael Stauber wrote:

> Hi all,
>> https://letsencrypt.org/

I was actually going to post with a query whether or not this would be any 
use for BX.  I learned of it from someone asking me to check their 
personally hosted home website.  The browser I was using at the moment was 
an older one that didn't know about the Let's Encrypt Authority, so it 
complained.

Thanks a lot for being pro-active and having a look.  My interest in it 
was it *seemed* like it would support BX-hosted sub-domains, which seems 
to turn rather expensive quickly with most Cert providers that provide 
'free' single domain certs.

> Earlier I said:
>> My impression about their SSL certificate generation mechanism?
>> What a bloody *hipster* bullshit! <sigh>

I kind of got this impression from their website.  At the time I saw it, 
didn't have time to try it.  From what you've said, it's a kludgy (and 
rather fragile) mess.  I particularly don't like things that phone home a 
lot and/or self-update without notice or being told to.  That sort of 
thing has both bandwidth and security concerns.

Perhaps it would be possible to work with them on cleaning up the 
procedure they're using.

Please keep us informed of how it goes.