What is Let's Encrypt?
Who uses Let's Encrypt?
Let's Encrypt Integrations
Why developers like Let's Encrypt?
Here are some stack decisions, common use cases and reviews by companies and developers who chose Let's Encrypt in their tech stack.
I use Laravel because it's the most advances PHP framework out there, easy to maintain, easy to upgrade and most of all : easy to get a handle on, and to follow every new technology ! PhpStorm is our main software to code, as of simplicity and full range of tools for a modern application.
Google Analytics Analytics of course for a tailored analytics, Bulma as an innovative CSS framework, coupled with our Sass (Scss) pre-processor.
To deploy, we set up Buddy to easily send the updates on our nginx / Ubuntu server, where it will connect to our GitHub Git private repository, pull and do all the operations needed with Deployer .
CloudFlare ensure the rapidity of distribution of our content, and Let's Encrypt the https certificate that is more than necessary when we'll want to sell some products with our Stripe api calls.
Asana is here to let us list all the functionalities, possibilities and ideas we want to implement.
Google Analytics is a great tool to analyze your traffic. To debug our software and ask questions, we love to use Postman and Stack Overflow. Google Drive helps our team to share documents. We're able to build our great products through the APIs by Google Maps, CloudFlare, Stripe, PayPal, Twilio, Let's Encrypt, and TensorFlow.
The combination of CloudFlare and Let's Encrypt is very powerful. On all of our websites, we use this combination for best possible results.
CloudFlare is a robust popular CDN with a well-proven record of security features. Let's Encrypt is a non-profit certificate authority run by Internet Security Research Group that provides X.509 certificates for Transport Layer Security encryption. Using Let's Encrypt is completely free of charge which made it a very popular choice for our clients. It is also easy to install and greatly supported by a wide range of hosting providers.
We recently went through building and setting up free SSL for custom domains for our #SaaS customers. This feature is used for hosting public status pages and dashboards under the customers' own domain name.
We are in the #Node.js, #AWS and #Heroku world, but most of the things we learned are applicable to other stacks too.
The post linked goes into three things:
- Configuring the Let's Encrypt / ACME client called Greenlock.
- Getting DNS right on Amazon Route 53
- Actually determining what content to serve based on hostname.
All seem pretty straightforward, but there are gotcha's at each step.
Hope this helps other budding SaaS operators or ops peeps that need this functionality.
Hosting updown.io started with a single OVH server and quickly grew to more server, first it was DigitalOcean VMs and we were very satisfied about them. But we then noticed some shortcomings about #IPv6 networking, although DigitalOcean supports it they don't provide the standard IP range to each VM (by choice) and thus have to block port 25 to avoid other machines being blocked in case of spammer. This is not good for us it means we can't monitor IPv6 SMTP servers properly, that's why we switched to @Vultr (one of their main competitors) which provides similar prices, more locations, and true IPv6 support with no blocked ports. Of course they offer less tools and the support is probably better at DigitalOcean but so far we're happy with @Vultr.
We still use some @OVH servers (which offers tremendous price/performance ratio) for the main web and database server + 2 of the daemons. In addition to this, we also have 2 DigitalOcean VMs for the secondary web and database server and for the automatic TLS termination proxy used to automatically issue Let's Encrypt certs for status page custom domains (for these servers the IPv6 port block is not an issue)
When my SSL cert MaxCDN was expiring on my personal site I decided it was a good time to revamp some things. Since GitHub Services is depreciated I can no longer have #CDN cache purges automated among other things. So I decided on the following: GitHub Pages, Netlify, Let's Encrypt and Jekyll. Staying the same was Bootstrap, jQuery, Grunt & #GoogleFonts.
What's awesome about GitHub Pages is that it has a #CDN (Fastly) built-in and anytime you push to master, it purges the cache instantaneously without you have to do anything special. Netlify is magic, I highly recommend it to anyone using #StaticSiteGenerators.
For the most part, everything went smoothly. The only things I had issues with were the following:
- If you want to point
wwwto GitHub Pages you need to rename the repo to
- If you edit something in the
_config.ymlyou need to restart
bundle exec jekyll sor changes won't show
- I had to disable the Grunt
htmlminmodule. I replaced it with Jekyll layout that compresses HTML for #webperf
Last but certainly not least, I made a donation to Let's Encrypt. If you use their service consider doing it too: https://letsencrypt.org/donate/