Comment on Let's Encrypt is 10 years old today !
Redjard@lemmy.dbzer0.com 2 days agoThey don’t offer wildcard certs, but otherwise I think they are.
I wanna say acme.sh defaults to them.
Comment on Let's Encrypt is 10 years old today !
Redjard@lemmy.dbzer0.com 2 days agoThey don’t offer wildcard certs, but otherwise I think they are.
I wanna say acme.sh defaults to them.
Laser@feddit.org 2 days ago
Never used them, but they state at zerossl.com/features/acme/ that their free acme certs include wildcards.
Redjard@lemmy.dbzer0.com 1 day ago
Yes, seems you are right. Not sure where I got the impression.
Unrelated, when I researched this I saw that acme.sh, zerossl, and a bunch of other acme clients are owned by the same entity, “Stack Holdings”/“apilayer.com”. According to this, zerossl also has some limitations over letsencrypt in account requirements and limits on free certificates.
It is suspicious that they impose so many restrictions then wave most on the acme api, where they presumably could not compete otherwise. On their gui they allow only 3 certificates and don’t allow multi-domain at all. Then even in the acme client they somehow push an account into the process.
This all does make me slightly worry this block around apilayer.com will fall before letsencrypt does.
Other than letsencrypt and zerossl, this page also lists no other full equivalents for what letsencrypt does.
Laser@feddit.org 1 day ago
I think if LetsEncrypt went away, so would ZeroSSL’s free offer.
However, I do think not having limitations on the API is good; automation is good practice and I guess this is a concession to customers /users who have no automation in place (though this is a sad state by now). LE doesn’t offer anything comparable AFAIK.