旨在让每个网站都启用 HTTPS 加密的 Let’s Encrypt CA 宣布将于 2018 年 1 月免费提供通配符证书(Wildcard certificate)。通配符证书是一种可被多个子域使用的公钥证书。这意味着,单个证书可用于提供多台服务器或一台服务器托管的多个子域名的网页加密,显著降低了个人和小型企业采用 HTTPS 的门槛。
Let’s Encrypt 表示,它希望通配符证书能帮助 Web 加快实现 100% HTTPS。Let’s Encrypt 前不久刚刚宣布签发了一亿个证书。
目前老D后端服务器用的正是Let’s Encrypt的SSL,服务器设置三个月自动续期。
Let’s Encrypt新闻原文:
Jul 6, 2017 • Josh Aas, ISRG Executive Director
Let’s Encrypt will begin issuing wildcard certificates in January of 2018. Wildcard certificates are a commonly requested feature and we understand that there are some use cases where they make HTTPS deployment easier. Our hope is that offering wildcards will help to accelerate the Web’s progress towards 100% HTTPS.
Let’s Encrypt is currently securing 47 million domains via our fully automated DV certificate issuance and management API. This has contributed heavily to the Web going from 40% to 58% encrypted page loads since Let’s Encrypt’s service became available in December 2015. If you’re excited about wildcard availability and our mission to get to a 100% encrypted Web, we ask that you contribute to our summer fundraising campaign.
A wildcard certificate can secure any number of subdomains of a base domain (e.g. *.example.com). This allows administrators to use a single certificate and key pair for a domain and all of its subdomains, which can make HTTPS deployment significantly easier.
Wildcard certificates will be offered free of charge via our upcoming ACME v2 API endpoint. We will initially only support base domain validation via DNS for wildcard certificates, but may explore additional validation options over time. We encourage people to ask any questions they might have about wildcard certificate support on our community forums.
We decided to announce this exciting development during our summer fundraising campaign because we are a nonprofit that exists thanks to the generous support of the community that uses our services. If you’d like to support a more secure and privacy-respecting Web, donate today!
We’d like to thank our community and our sponsors for making everything we’ve done possible. If your company or organization is able to sponsor Let’s Encrypt please email us at sponsor@letsencrypt.org.
原创文章,作者:老D,如若转载,请注明出处:https://laod.cn/3811.html
评论列表(11条)
老D为什么油管打不开了?
老D 我想问个问题 我使用Let’s Encrypt 的证书
我的配置是
server {
listen 443 ssl;
server_name icooding.com http://www.icooding.com;
ssl on;
ssl_certificate /home/lets-encrypt/icooding.chained.crt;
ssl_certificate_key /home/lets-encrypt/icooding.com.key;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8080;
# root html;
# index index.html index.htm;
}
error_page 404 /404.html;
location = /40x.html {
}
}
访问 网站的时候访问不了 nginx 里面报错
2017/07/13 10:56:47 [notice] 8910#0: signal process started
2017/07/13 10:58:13 [notice] 8916#0: signal process started
2017/07/13 11:01:18 [notice] 8939#0: signal process started
2017/07/13 11:29:13 [notice] 9113#0: signal process started
@juck:这个是我的配置文件:
@老D:谢谢 已经解决了 !
后面 telnet 了一下443端口 发现连不上 才想起443端口没开 。
梯高一尺,墙高一丈
太好了
你想得太多了
那么老D用的哪一款
@Radar9:囸 光看英文了
@Radar9:服务器后端用Let’s Encrypt
好东西