Letsencrypt Alternatives

letsencrypt reviews and mentions

• OpenSpeedTest in docker through DSM Reverse Proxy - incorrect upload speeds
  2 projects | /r/synology | 20 Jan 2023

  If you do go with NPM or Traefik, under the covers it's using certbot to request/renew your certificates through Let's Encrypt using the DNS-01 challenge, meaning you can get wildcard certs and don't have to futz around with port forwards. Again I'd think Caddy has similar functionality, I just have not used it personally. Raw NGINX you probably don't want to try out yet considering it requires manually doing the configs

• Snap Store administrators removed signal-desktop from Ubuntu Snap
  14 projects | news.ycombinator.com | 3 Nov 2022

  certbot won't be missed. The code quality is pretty poor.

  https://github.com/certbot/certbot/issues 5000 bugs and it most of it can be replaced by much smaller tools

• Uacme: ACMEv2 client written in plain C with minimal dependencies
  12 projects | news.ycombinator.com | 21 Aug 2022

  Right? It’s so ridiculous how you’re supposed to use Snap to install certbot. The (well, one of..) GitHub discussion is just beyond the pale:

  https://github.com/certbot/certbot/issues/8345#issuecomment-...

• Let’s Encrypt Receives the Levchin Prize for Real-World Cryptography
  2 projects | news.ycombinator.com | 16 May 2022

  It goes way beyond, since Let's Encrypt influence the ecosystem a lot and the standards that are used.

  If you use Let's Encrypt, you are likely using Certbot, which means that everybody uses a tool that a central authority strongly recommends to you.

  I wonder how they generate the key, for example, it may be using secp256r1: https://github.com/certbot/certbot/blob/5c111d0bd1206d864d7c...

• mureq: single-file, zero-dependency replacement for the Requests http library
  3 projects | /r/Python | 17 Jan 2022

  Put another way, mureq should be able to replace Requests in complex applications, as long as those applications use HTTP in relatively simple ways. For example, I wrote a proof-of-concept PR for replacing Requests with mureq in certbot.

• My first golang home project
  3 projects | /r/golang | 1 Sep 2021

  The agent will find virtual hosts of a web server and after that you will be able to secure your site with a certificate. The agent can issue a Let's Encrypt certificate, or you can upload your own certificate (with the .pem extension). The agent will configure the web server configs and install the certificate. The functionality is very similar to the functionality of the certbot (https://github.com/certbot/certbot), but the service allows you to secure the site through the UI in a few clicks. Currently, only apache web server is supported.

• Another free CA as an alternative to Let's Encrypt
  15 projects | news.ycombinator.com | 20 Aug 2021

  Do you realize that "HN" isn't one single monolithic entity that needs to achieve 100% consistency in its views? Like if one person here says "use existing libraries" but then a different person says "don't use this existing library", that doesn't actually mean that someone was being hypocritical.

  You might also consider that not all advice (especially when presented in an extremely limited form like a comment box on a website) should be interpreted as black or white, full compliance or complete rejection, but might better be treated as a general guideline or recommendation and that standard disclaimers or tradeoffs ought to be implied.

  Certbot is a bad example of "use existing libraries and never reinvent the wheel" because it pulls in soooo many unrelated things. These are certbot's python dependencies: https://github.com/certbot/certbot/blob/master/tools/require...

  Almost 200 different dependencies. Most of them to handle some niche use-case that are likely not what a given user needs. For some people certbot, with its downsides still might be the best solution. For others, there might be a more appropriate solution that still avoids reinventing the wheel. Eg, I prefer to use a single Go library to do ACME stuff or to just use Traefik or Caddy or some other reverse proxy/load balancer that supports ACME transparently without pulling in a ton of extra packages that aren't relevant to me. But sometimes, cerbot is still the simplest solution, so I use that. I still reserve the right to wish that it had fewer dependencies.

• How To Configure NGINX With SSL and HTTP/2
  4 projects | dev.to | 11 May 2021

  Thanks to open-source tools like Certbot, installing a free certificate is dead easy. Head over to https://certbot.eff.org/ link. Now select the software and system that powers your server.

• is it OK to use Free SSL/TLS Certificates - Let's Encrypt ?
  2 projects | /r/Wordpress | 31 Mar 2021

  Actually it is Open Source (I'd say "Free Software" but they're the same thing). The software that makes the CA work, Boulder, is here: https://github.com/letsencrypt/boulder and the end user software to get certificates which now called CertBot but was once just named "letsencrypt" is here: https://github.com/certbot/certbot

• Ask HN: Cheapest/ easiest way to host a static site
  12 projects | news.ycombinator.com | 26 Mar 2021

  Cool! There's also certbot[0] and lego[1] which can do ACME-DNS with a range of providers beside CF. You could also do tls-alpn, which allows you to do do the challenger encrypted on another port. It's primarily worth considering for those issuing certs for non-public domains that shouldn't be broadcasted via public DNS.

  [0]: https://github.com/certbot/certbot

• A note from our sponsor - #<SponsorshipServiceOld:0x00007f0f9b8e3170>
  www.saashub.com | 8 Dec 2023

  SaaSHub helps you find the best software and product alternatives Learn more →