- This topic is empty.
-
Posts
-
I had a close call this week with the free Let’s Encrypt SSL license on one of my adult sites. I got locked out in Firefox! Guess you get what you pay for.
Anyhow, I was wondering what paid SSL options you guys use. I see Comodo is rated high, any others I should consider?
And the paid SSL certificate providers are ok with adult content websites, yes?
The reason why Let’s Encrypt has a 90 day expiration is because constantly changing your cert makes you more secure. Then again, the content most of us are dealing with doesn’t warrant anyone trying to crack our certs, so for us it probably doesn’t matter.
We use rapidssl for 50+ domains and never have had any issues with them. Most of our domains are pretty obviously adult oriented too.
I know lots of people who use Lets Encrypt with no issues… for us we just have to many sites that its worth the cost for a more convenient solution.
Let’s Encrypt is great, but it’s a little tricky. Basically at least every 90 days you need to renew the cert (this is a good thing), and to renew the cert you need to validate that you are worthy of getting a cert (that you own the domain or you host the domain). If anything goes wrong in that process you don’t get your new cert. That wouldn’t be a huge problem except that typically the certificate renewal is done via a cron job and so when there’s an error no one sees that there was a problem. First time you find out is when you go to your site and see an error saying there was an expired certificate.
If you have multiple domains in your certificate like I do if you don’t renew one of the domains, renewing the cert will fail, which affects all of your domains. I never used to tell NatNet when I let a domain go. Now I have to do it religiously so they can take it out of the cert. If you’re just dealing with one domain per cert (like most people), that’s not a problem.
But when it works, Let’s Encrypt is great.
We used to use RapidSSL but went with Let’s Encrypt a while back. We had only one problem with a one adult site re registering with Let’s Encrypt after 90 days; but, it was quickly resolved by the hosting guys.
That’s what happened to me, but my site was with HostGator so the support fix took a few days. Would like to now just pay for a good SSL so I don’t have to risk this again.
It has something to do with using certbot. I don’t do any server configuration, but I’d imagine any host could implement the renew commands.
certbot.eff.org/docs/using.html#renewal
