There's a certain amount of back-and-forth involved in getting a domain-validated certificate. I say to the registrar "I want a cert for www.google.com" and they say back "Prove you control www.google.com by putting this file at www.google.com/yes-give-the-cert-to-michaelt.txt" then the registrar retrieves that file.
You also have to generate the private key in the first place, get the URL in the right field in the CSR, send the right file to the registrar (don't accidentally send them the private key!), convert between the dozens of file formats (.pem .crt .cer .key .der .p7b .p7c .pfx .p12 .jks), add the right intermediate certificates, put the file in the right place, make sensible cipher selections, set your file permissions right, make a secure backup of your key, check it works in several browsers and OSes - and repeat the whole process in a year or two when that certificate expires.
In the all-encrypted http2 world of the future, it would be better if the web server just took care of all that the first time it was started - just like a Linux server automatically generates a SSH private key at first boot.
And another small note in regards to CSR: typical CA today uses the CSR only to get public key you want to have signed and replaces everything else with whatever they deem correct.
Did a CA once accidentally sign a raw CSR that requested to itself become a CA? It seems like I remember something like this, but I couldn't find evidence. Anyway, that's one reason for the CA to be very careful what values it pulls out of the CSR.
One small note on HTTP/2: The TLS requirement never reached consensus in the working group. HTTP/2 implementations are free to add or remove the requirement.
A big part of the reason is that free certs exists already (startssl), but it takes A LOT extra work to set it up.
The whole point here is that eventually the deployment tool can be integrated in existing server software, such that when you set up your server on your domain, requesting a certificate can be an automatic step that the sysadmin and web developer don't even have to think about.
This makes sure encryption will eventually be deployed by default everywhere, because it is literally easier than not to.
Nitpick: not for businesses. If you're asking for a certificate for anything that they may suspect has slight relation to any commercial activity, the request will be denied. It may be accepted by chance, but that's unreliable.
Companies who don't want to pay currently have only single option - WoSign, and they had started to give out free certificates relatively recently (I heard of them only this February)
> Class 1 certificates are limited to client and server certificates, whereas the later is restricted in its usage for non-commercial purpose only. Subscribers MUST upgrade to Class 2 or higher level for any domain and site of commercial nature, when using high-profile brands and names or if involved in
obtaining or relaying sensitive information such as health records, financial details, personal information etc.
StartSSL will make you pay to revoke a certificate if you need to.
They have some sort of regex they use to flag business domains. For example, if your domain contains the word 'billing', then they won't give you a cert.
I can't use StartSSL because my DNS registrar doesn't populate whois the way they like it. Also, anyone relying on some sort of whois privacy cannot use StartSSL.
I would like to add that from my personal experience I would not recommend the free StartSSL cert for personal use. The certs are free but revoking them costs money, so when the whole Heartbleed thing happened a lot of people got screwed. Regardless of the cert owners ability to pay for it, StartSSL made the web an arguably less secure place with that business decision and many did not pay to revoke their free cert. For a time there were even discussions of removing all the StartSSL certs from Firefox as a result [0].
I agree but I think registration and configuration should be split a little bit more. I personally won't trust it with my config files (and god knows what other wonderful webserver will emerge next month), but having an automated cert-generation tool is great.
Also, they absolutely must improve OSX support. One of the main objectives is to help people who are in the web field but wouldn't otherwise bother learning the intricacies of SSL configuration; these people by and large use Macs.
> I agree but I think registration and configuration should be split a little bit more. I personally won't trust it with my config files (and god knows what other wonderful webserver will emerge next month), but having an automated cert-generation tool is great.
The official client can be ran in 'auth' mode, in which it will not write to your server configs. It can still automate the authentication process for you by looking at where the DocumentRoot is, and placing a file there. But this is also optional, since there is a manual authentication mode as well that just gives you a file, and you'll have to make it available under your domain somewhere and tell it when you've done so.
> Also, they absolutely must improve OSX support. One of the main objectives is to help people who are in the web field but wouldn't otherwise bother learning the intricacies of SSL configuration; these people by and large use Macs.
I know, I just think "auth mode" could be a separate tool to improve usability. It might just be an alias, I don't care, but it's easier to remember "get-cert" than yet another double-dash parameter IMHO.
> They also use Mac on their servers?
No, but very often they develop and try new tools on their Macs. By blowing the mac experience you're forcing them/us to spin up a vm (if you can) and repeat the installation. This raises the bar for adoption a little bit. In these fickle times, it can make the difference between "oh wow this is magic" and "can't be arsed, will check it out later/never".
> I know, I just think "auth mode" could be a separate tool to improve usability. It might just be an alias, I don't care, but it's easier to remember "get-cert" than yet another double-dash parameter IMHO.
It's a subcommand, not a "double-dash parameter". You have to supply one of the following, for it to do anything:
(default) run Obtain & install a cert in your current webserver
auth Authenticate & obtain cert, but do not install it
install Install a previously obtained cert in a server
revoke Revoke a previously obtained certificate
rollback Rollback server configuration changes made during install
config_changes Show changes made to server config during installation
> No, but very often they develop and try new tools on their Macs. By blowing the mac experience you're forcing them/us to spin up a vm (if you can) and repeat the installation. This raises the bar for adoption a little bit. In these fickle times, it can make the difference between "oh wow this is magic" and "can't be arsed, will check it out later/never".
It's a tool meant for servers, to configure server software. I'm not sure why anyone would want to run it on their development machine, especially since a domain name needs to be pointed towards a webserver running on that machine that is accessible from the WAN.
> I'm not sure why anyone would want to run it on their development machine
Do you usually download and run random tools for the first time directly on a server box?
> a webserver running on that machine that is accessible from the WAN
Ok then you really should specify this somewhere. I've gone through the github readme and the User Guide without this being mentioned anywhere. I'm probably stupid for not running arbitrary beta tools on random wan-facing servers, but I'm certainly not the only stupid person in IT today.
It's required to supply a subcommand, or it won't do anything. That is a big difference from a flag which you may forget to use, and then the program runs anyway.
> Do you usually download and run random tools for the first time directly on a server box?
I usually spin up a virtual machine for testing out server stuff.
> Ok then you really should specify this somewhere. I've gone through the github readme and the User Guide without this being mentioned anywhere. I'm probably stupid for not running arbitrary beta tools on random wan-facing servers, but I'm certainly not the only stupid person in IT today.
Me? I'm just a happy let's encrypt beta user. https://letsencrypt.org/howitworks/technology/ seems like a pretty clear, easy to comprehend, overview to me. I'm not sure how you were planning on validating ownership of a domain to a third party if you don't want that third party to request resources served by that domain.
It's not that you forget to use it, it's forgetting what you're supposed to specify. Anyway, it's a UI thing so we'll never agree. Fine.
> I usually spin up a virtual machine for testing out server stuff.
Yes, we've established that. What I'm saying is, not everyone does. In fact, the people you most want to use this tool (the SSL-illiterate, so to speak) are probably the ones most likely not to do it.
Well then, there must have been a miscommunication about the aim of this project. The target user, from what I understood, was supposed to be the SSL-illiterate who doesn't really care too much about the whole tech, he wants things to Just Work. The experts could already self-sign or snag a certificate here or there; the point of this tool was supposed to be helping workaday IT guys get on board the encryption thing with the minimum of effort and cost.
None of these people is going to read that page (who reads "about" pages on marketing websites?). They are going to clone the repo, check the readme, maybe check the user guide linked from the readme. If it doesn't work the first time for whatever reason (because the guide is not clear where it can and cannot be run), they're going to drop it and just keep doing what they're already doing (which, after all, Just Works already, it's just not encrypted).
If LE developers want to onboard stupid people like me, they have to clarify that:
1) this is supposed to run only on internet-facing servers with a domain already pointed to them,
2) this doesn't work on mac -- no half-hearted "experimental support", if they can't be bothered they should just drop it,
3) all the info required to make it run "without thinking" should be either in readme or user guide.
There's alternative tools that use the same standard API, you don't need to use the standard tool.
If you want it to only register and authenticate to fetch a cert but not install it, and you want it to just tell you what you need to do so that you can do it manually if you so wish, then that's possible.
If you just want a free cert, you can use my letsencrypt-nosudo client[1], which doesn't ask for your private key or sudo access or have to be run on your server (except for one copy-paste line you can inspect). The official letsencrypt client is geared much more towards someone who doesn't understand how TLS certs work. For people who know what they're doing, you can use lightweight clients like mine to just get your free cert.
Let's encrypt certificates are valid for only 90 days, and I guess the argument is that you want automatic tooling to take care of renewal if it happens so often.
That might actually be a good thing, though. Currently I have to do it for a couple of domains every year. By forcing me to automate it, it takes me more time once, but afterwards I don't have to look at it anymore at all.
Ugh, really? I was planning on only using the tools to write out the initial certificate file, as I don't want too much running on my servers. This has certainly put a damper on my excitement about Let's Encrypt.
From a quick look at the protocol, it shouldn't be an issue to run the ACME client on one host and scp CSRs from your servers to it, hand them to lets encrypt, and move the results back. So yes, you have to touch or run it every 2-3 months, but it doesn't have to run on all your servers.
I'm more wondering if I can cron it (without sudo), and not have it run as a daemon. Then, once every two weeks or so, it can just refresh the cert using the csr I generated before. It should be pretty easy to do, I'm just not familiar with the clients at this point.
Plus lack of identity validation. While the author of the article minimizes this, we shouldn't remove it from the equation just because users can't tell the difference. The right thing would be to fix the users understanding rather than weaken the product.
LetsEncrypt will be good for all those sites we deploy with self-signed certs, but won't be replacing major sites any time soon.
Is identity validation under any circumstances more than snake oil?
Neither users nor browsers could tell whether a site is supposed to run a domain- or identification validated certificate. (Fun fact, HN uses a domain validated cert.) All you get is higher costs for some X.509 fields nobody ever looks at, and nobody would miss if an MITMing attacker replaced your ID validated cert with an domain validated one.
You can use HPKP to pin EV-only root CAs, so you can still replace your cert, but it can only be replaced against another EV one.
Doesn't protect against a hacked/rogue CA, but against someone getting access to your DNS/mail/web server and getting a useable certificate from a only-domain-validating CA.
Just because the CA or the intermediate says EV doesn't mean that they only issue EV certs. The CA we use at work will issue certs with their EV root when we need compatibility with older installs, they only had their EV root cross signed.
Yes, but EV is not the same as identity validation. That's another variant of certificates that was only introduced because identity validation alone is so bloody useless.
> Plus lack of identity validation. While the author of the article minimizes this, we shouldn't remove it from the equation just because users can't tell the difference. The right thing would be to fix the users understanding rather than weaken the product.
But should we? I've never looked at an SSL cert past seeing the green lock icon and "https". Maybe I'm an idiot but I just don't see the value in checking it every time I go to a site AND remembering if it was just domain or one with identity the last time I visited...
Not anywhere that I can find. Let's Encrypt is very important or full participation on the web isn't available to the poor. The internet should be fully usable by anybody with an IP. Adding the cost of a PKI cert is a barrier to entry.
> Startssl
...won't give me a certificate. (they have in the past, I don't know why they changed their mind)
This assumption that a single private business providing free certificates (but mind the fine print) is somehow an a solution to the SSL problem is poor engineering[1]. Unfortunately, this kind of
attitude has become very common in recent years.
[1] You should always have a second source for anything critical. A design that is dependent on a single point of failure that you don't control is a design that is guaranteed to fail unpredictably.
Am I missing something when all I really want are the free certs?