Letsencrypt vs paid certs?

Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.
Toggle sidebar Toggle sidebar
ultimatebob

ultimatebob

Lifer
Jul 1, 2001
25,134
2,450
126
XavierMace said:
You use the term "dead in the water" a lot. I do not think it means what you think it means. If they did vanish, then you just reenable HTTP until you get your cert figured out. It's not like your server just self destructs. You've been running HTTP for however long your sites have been up so it's clearly not a huge issue.
Click to expand...

Yeah, it's not like SSL magically stops working the day the certificate expires as well. Sure, you'll get a security warning saying that the cert is expired, but that doesn't stop most browsers from letting you access the site with after the security warning.

One thing that bugs me is that "real" SSL certificates from VeriSign/Thawte/DigiCert and the like are expensive. If Let's Encrypt ever did disappear, you're going to either going to have to pony up around $150 a year for a verified certificate or explain to your users why the site is no longer encrypted.
 
Red Squirrel

Red Squirrel

No Lifer
May 24, 2003
69,920
13,449
126
www.anyf.ca
ultimatebob said:
One thing that bugs me is that "real" SSL certificates from VeriSign/Thawte/DigiCert and the like are expensive. If Let's Encrypt ever did disappear, you're going to either going to have to pony up around $150 a year for a verified certificate or explain to your users why the site is no longer encrypted.
Click to expand...

Exactly that is my main fear. I will grow accustomed to all my domains being SSLed then suddenly have to decide which ones I drop or to pony up the cash. It would be nice if at very least wildcard certs were default, but those are even MORE expensive. I only have a few domains that are really critical to secure so the others I'd just let drop and go back to HTTP so guess it's not a HUGE deal. LE despite being new looks like is already pretty big already so I imagine if they have any financial issues a lot of people will back them. I donated already myself.

I started to do 301 redirects to force some domains to HTTPS. Easiest way to get search engines to update to the HTTPS sites.

One benefit of HTTPS even for websites that don't handle personal info is that it protects the users from eavesdropping to some extent, and I imagine it probably increases SEO score too.
 
Jaskalas

Jaskalas

Lifer
Jun 23, 2004
35,192
9,365
136
I discovered Letsencrypt last year, along with acme.sh to manage it.
The following is how I forced HTTPS from HTTP on apache. Not sure if it's a preferred method.

httpd.conf
Code: 
# Force SSL
<IfModule mod_rewrite.c>
   RewriteEngine On
   RewriteCond %{HTTPS} off
   RewriteRule (.*) https://%{HTTP_HOST}:443%{REQUEST_URI}
</IfModule>
 
sonitravel09

sonitravel09

Senior member
Jun 25, 2014
217
4
46
The short version is that Let's Encrypt is a certificate authority, and AutoSSL is a feature of cPanel & WHM. We started building the Marketplace and AutoSSL features a long time ago, and launched them with Comodo support, and will soon add Let's Encrypt support to the feature in the form of a plugin.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom