Letsencrypt Letsencrypt Offering Wildcard SSL Certificates Jan 2018 !

Letsencrypt folks announced that they will be planning on offering free wildcard SSL certificates via DNS validation from January 2018 Wildcard Certificates Coming January 2018 - Let's Encrypt - Free SSL/TLS Certificates !

 

can't wait - FYI less than 4 weeks to go when Letsencrypt offer's free Wildcard SSL certificates

 

It's what I thought when I was first introduced to 90 day expiry SSL certificates, but now with more than a year using them with proper monitoring & automation in place, they aren't that bad. Generally they are auto renewed at 60 day mark so any failure to auto renew still gives you 30 days head room to figure out the problem if any.

But yes commercial SSL certs have also come down in price - especially domain validated ones thanks to introduced letsencrypt competition Hoping the same effect happens for commercial Wildcard SSL certificates when Letsencrypt starts issues free Wildcard SSL certficates

 

from Looking Forward to 2018 - Let's Encrypt - Free SSL/TLS Certificates public testing from January 4th, 2018 and full launch on Feb 27, 2018

 

Yeah different starting topics

 

@bassie i believe this is official letsencrypt project tracker for Acme v2 API development which is required to switch on wildcard ssl cert issuance on staging API at least first v2 API · GitHub

 

Letsencrypt ACME v2 API endpoint ready for public testing Let's Encrypt on Twitter

from

acme.sh client used for addons/acmetool.sh is also starting to test ACME v2 API neilpangxa on Twitter

from Now acme.sh speaks ACME v2

 

Haven't gotten that far yet for Centmin Mod integration at least as it's trickier to automate for nginx vhost generation because

1. DNS validation only so not all DNS providers via API are supported in acme.sh though alot of most common are
2. acme.sh has additional requirement of passing main domain name to command line for wildcard i.e. -d domain.com -d *.domain.com
3. current centmin mod nginx vhost routines are tied to creation of a specific domain or subdomain name when passing parameters from addons/acmetool.sh to underlying acme.sh client so will need to work out some logic for nginx vhost routines when you try creating several subdomains off of the same domain i.e. sub1.domain.com, sub2.domain.com and sub3.domain.com. Traditional SSL wildcard would be fine with just using *.domain.com for common name. But with acme.sh I would need to manage required domain.com, *.domain.com and subX.domain.com for each subdomain. Ideally, I would like to see future acme.sh client remove the main domain requirement so can create SSL wildcard like traditional ones with just common name set to = *.domain.com

Edit: ooh just checked, new feature Support one wildcard domain only in a cert · Issue #1188 · Neilpang/acme.sh · GitHub

 

Good news though yeah a full complete ECDSA certificate chain is the only thing missing

 

well progress and perfection take time