Finally took the time to use certificates for codeminded.be and pvanhoof.be. Also the SMTP at mail.codeminded.be should now have a somewhat good TLS situation, too. But of course, whoever needed tell me something very secret … just met with me face to face. Duh.
My colleague in crime introduced me to keybase.io, which indeed looks quite nice and fantastic.
Congratulations to the Let’s encrypt initiative for making it really, really easy.
That certbot couldn’t parse my default-ssl in available-sites. No idea why. But it wasn’t in enabled-sites. After removing that original debian-package file, it all worked fine.
They probably also want to post a checksum of that “wget https://dl.eff.org/certbot-auto” thing there. When downloading and executing things on my server I usually do want to quickly and easily check and double-check it all.
The tool is also not super easy to use for anything that isn’t HTTPS. Especially SMTPS comes to mind.
Check out this post to use the dns challenge; http://tech.sid3windr.be/2016/08/centrally-managing-your-lets-encrypt-certificates-using-the-dns-01-
Saw that one on planet-grep, indeed. Thanks. Was one of the posts that convinced me to try Let’s encrypt.