On 2/21/20 12:04 PM, Ken Hohhof wrote:
I don't have experience with letsencrypt but a webserver software mailing list I'm on has constant traffic about problems with certs not renewing. It may be specific to that software, but my gut tells me if this is something mission critical and you don't want to monitor it for problems, just pay a regular cert authority. It's not a trivial amount of money, but not Bloomberg money either. I have too many things demanding my time already without having to babysit website certs.
I've converted 100% of my certs to use Let's Encrypt. As long as your automated renewals are working you're golden. That's the catch though, LE certs are only good for 90 days, so you absolutely can't be brain dead about making sure automated renewals work. I use the default certbot client but there are many other clients.
-- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com