how to use the ktls
Freddie Cash
fjwcash at gmail.com
Mon Jan 27 16:40:59 UTC 2020
On Sun, Jan 26, 2020 at 12:08 PM Rick Macklem <rmacklem at uoguelph.ca> wrote:
> Oh, and for anyone out there...
> What is the easiest freebie way to test signed certificates?
> (I currently am using a self-signed certificate, but I need to test the
> "real" version
> at some point soon.)
>
Let's Encrypt is what you are looking for. Create real, signed,
certificates, for free. They're only good for 90 days, but they are easy
to renew. There's various script and programs out there for managing Let's
Encrypt certificates (certbot, acme.sh, dehydrated, etc). There's a bunch
of different bits available in the ports tree.
We use dehydrated at work, using DNS for authenticating the cert requests,
and have it full automated via cron, managing certs for 50-odd domains
(school servers and firewalls). Works great.
--
Freddie Cash
fjwcash at gmail.com
More information about the freebsd-current
mailing list