Let's Encrypt: The Fully Transparent & Free Non-Profit Certificate Authority

Shedding light upon this service is almost as awesome as the service itself. Thank you Tom, the internet thanks you!

mt_kegan

Great video, thanks. I had heard of Let's Encrypt before but didn't look into it until I saw your video. I self host a couple of webapps from my home server and have now replaced my GoDaddy cert with a Let's Encrypt cert. Was super easy to setup and free. No brainer.

justinbrash

Thank you for giving me a better understanding on this

XllretrollXgaming

letsencrypt is the best. My website uses Traefik reverse proxy with automagic LetsEncrypt integration using DNS challenge. Once its set up, I don't have to think about anything. It just works.

ImARichard

Love LetsEncrypt, all of my servers run their certs

ryangrange

Very informative video, thanks so much...

philipbrindle

Super coverage on this. I will be looking into Let's Encrypt since I just purchase a domain for my LAN.

DanCalloway

I watch so many of your videos if they're not t completely over my head. It just amazes me how fast your mind and your mouth work in concert. I have to wonder just how your employees can keep up with you once you get going. LOL. Sometimes, when I really want to get something, I'll set the speed to 75% so I can get it all. That's pretty funny too, because it makes you sound like you've had a 3 martini lunch.

mikeoreilly

If you don't like your Let's Encrypt certificate, I'll personally triple your money back.

philporada

Big thanks to Lawrence and hello from Moscow '-)

ygtntxrf

6:05 Unless it's Godaddy, they charge an arm and a leg and everything in your pocket to give you SSL. I get mine from Cloudflare.

DestructiveBurn

I would not call a DV CA which has not used multiple perspectives for a long time "abzulotsende secure", it's more minimum acceptable security. If you control the clients it's good to add some extra protection like certificate pinning and monitor the CT logs closely as CAA record seems not to be honored in terms of letsencrypt accounts. (Issuer Account Tag)

berndeckenfels

Use it on unifi controller and unifi video. Going to set it up on 3CX soon ( its used by default for none custom domains ) . No reason to noe use https nowadays. It should be the default. Honestly, should just phase out none https.

andljoy

What do you use for an internal PKI environment? Offline root CA, HSM? Any recommendations for a homelab/small business?

MichaelNazzario

One difference worth mentioning is the info that is in the TLS cert. When you go through a conventional CA, they verify your identity (e.g. company name), and that info is shown in the cert when a user asks for details from the browser. Since Let’s Encrypt does not validate this information (or even ask for it), it can show nothing in the cert apart from your domain name. So all one of their certs is actually certifying is that the site you are connecting to is the actual owner of the domain name, nothing more or less.

lawrencedoliveiro

I'm wondering.. Is it acceptable to ask you for a detailed tutorial on how to install and secure a webserver (Apache) on Linux, and also in another video how to set up let's encrypt reliable and automatic re-new cert.?

Bluelight

Hi Tom. Looking forward for the up coming videos. Would love to have certs for my home network setup. Many thanks.

andymok

Could you please do a video showing how you would enable LetsEncrypt on a Unifi Cloud key with a dyndns FQDN. Thank you

Vikingza

many isp's block port 80 for residential connections. So if that's the case, you won't be able to use Let's Encrypt

gusevening

Thanks for the great video Tom! I understand Google tends to keep their 'secret sauce'... well, secret... but do you have a sense of if/how having an EV or OV certificate might help with your Google Search results on a small e-commerce* site? *the site doesn't process transactions itself

catdog