On Sat, Sep 24, 2016 at 8:54 PM, ilf <ilf_AT_zeromail.org> wrote:
> I wonder why the suckless-websites are only available in HTTP, not in HTTPS.
> In the age of letsencrypt.org, there aren't a lot of valid excuses against
> TLS. Am I missing one from a suckless-philosopy? Or has this just never been
> requested?
>
> I for one would love to see unencrypted communications on the internet die.
>
I agree, It would be nice to have.
There is a ACME client to use with Letsencrypt which is really nice,
it is written in C (as opposed to the official client or third-party
python tools):
https://kristaps.bsd.lv/acme-client/ . It is in OpenBSD -current base
now, but it is also portable to Linux and other platforms.
Using a cronjob the certificate can be automatically renewed (valid
for 3 months).
The command I use is similar to this:
acme-client -v -F -f account.key -k /etc/ssl/private/private.key -c .
-C /var/www/domains/challenges/htdocs/.well-known/acme-challenge
# <reload httpd>
Kind regards,
Hiltjo
Received on Sun Sep 25 2016 - 00:22:35 CEST