Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Let's Encrypt starting to send out more invites - just got one
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Let's Encrypt starting to send out more invites - just got one

zeitgeistzeitgeist Member
edited October 2015 in General

From Let's Encrypt:

Currently we've whitelisted 2935 domains, out of more than 95238 in the current beta signup list (number from 24 Oct). While admittedly that's only 3%, it's an interesting game to see how many of those invitations turn into certificate issuances - as you pointed out, there are so far only 203 certificates issued. We'll be doubling that number of whitelisted domains tomorrow.

https://community.letsencrypt.org/t/beta-application-approval-time/1526/13

The invite mail:

Greetings from Let's Encrypt, alex.

Thank you for your interest in our beta program! We're excited to let you know that your domains (below) have been whitelisted, and you can now utilize an ACME client to obtain a certificate for them.

Quick Start
To use Let's Encrypt's official client to obtain your real certificates, you will need to provide the production API URL on the command line:

https://acme-v01.api.letsencrypt.org/directory
When running the Python client (installation directions [1]), be sure to specify the --server argument with the production URL:

git clone https://github.com/letsencrypt/letsencrypt cd letsencrypt ./letsencrypt-auto --agree-dev-preview --server \ https://acme-v01.api.letsencrypt.org/directory auth
If you are using a different ACME client, be sure to configure it to use the production URL in order to get valid certificates. Many clients will default to the staging URL.

Known Issues
There are some known issues with the official Python client posted here: https://github.com/letsencrypt/letsencrypt/wiki/Known-issues

Renewals and Lifetimes
Certificates from Let's Encrypt are valid for 90 days. We recommend renewing them every 60 days to provide a nice margin of error. As a beta participant, you should be prepared to manually renew your certificates at that time. As we get closer to General Availability, we hope to have automatic renewal tested and working on more platforms, but for now, please play it safe and keep track.

Rate Limiting
During this beta test we have very tight rate-limiting in place. We plan to loosen these limits as the beta proceeds.

There are two rate limits in play: Registrations/IP address, and Certificates/Domain.

Registrations/IP address limits the number of registrations you can make in a given week; currently 2. This means you should avoid deleting the /etc/letsencrypt/accounts folder, or you may not be able to re-register.

Certificates/Domain you could run into through repeated re-issuance. This limit measures certificates issued for a given combination of Top Level Domain + Domain. This means if you issue certificates for the following domains, at the end you would have what we consider 4 certificates for the domain example.com.

www.example.com
example.com www.example.com
webmail.example.com ldap.example.com
example.com www.example.com
The limit on Certificates/Domain has a window of 90 days - the same as our certificate lifespans. We know it's restrictive at present; thank you for your patience in helping us ensure Let's Encrypt is ready for the whole world.
Certificate Transparency
Part of our transparency mission includes publicly disclosing the certificates we issue via Certificate Transparency. Your email address is not publicly disclosed.

Helpful Information
Let's Encrypt maintainence events are posted on https://letsencrypt.status.io/ and Twitter (@letsencrypt_ops). If you need help, both the Let's Encrypt community at https://community.letsencrypt.org/ and #letsencrypt on irc.freenode.org are excellent sources of assistance.

If there are updates for Beta program participants, they will be posted at the community site at https://community.letsencrypt.org/t/beta-program-announcements/1631.

Your whitelisted domains are:

Comments

  • why limit beta participants so heavily?

    I was really looking forward to letsencrypt, but pretty much anything they do makes me hate it before having tried it. -.-

    Thanked by 1rm_
  • Dunno. Perhaps they are worried about messing something up and risking their browser-trusted status if the mess up is on a large scale?

    Thanked by 24n0nx SystemZ
  • hmm makes sense.

    (of course I will still try it :p)

  • BochiBochi Member
    edited October 2015

    Got whitelisted too and set everything up a few hours ago, it worked out perfectly nice! :)
    Think (rate-)limiting everything is not the badest decision one could make in a "early beta stage".

    /EDIT/
    The only thing I am not sure about right now is how I want to setup the auto-renewal.

  • zeitgeistzeitgeist Member
    edited October 2015

    I ran the letsencrypt command through the docker container they provide in their git repo. Worked fine. I chose to manually deploy the certificates.

    IMPORTANT NOTES:
    - Congratulations! Your certificate and chain have been saved at
    /etc/letsencrypt/live/www.zeitgeist.se/fullchain.pem. Your cert
    will expire on 2016-01-24. To obtain a new version of the
    certificate in the future, simply run Let's Encrypt again.

  • Awesome. Can't wait to get mine!

  • MikePTMikePT Moderator, Patron Provider, Veteran

    Well perhaps auto-renewal will work just fine and people don't need to worry about the 90 days expiry date?

  • Received the beta invite as well. Still searching tutorial to install this cert on debian os.

  • Can any of you who got invited please install a cert somewhere and link here. Would love to run some tests.

  • @ksubedi: You can just test this page, it's got their cert working: https://helloworld.letsencrypt.org/

    Thanked by 1ksubedi
  • eva2000eva2000 Veteran
    edited October 2015

    Got my Letsencrypt beta invite and setup my 1st trusted Letsencrypt SSL certificate on my Centmin Mod LEMP stack (working on fully automated integration) via Letsencrypt webroot authentication method https://community.centminmod.com/posts/19914/ :)

    https://le1.http2ssl.xyz

    Thanked by 1ksubedi
  • @eva2000 said:
    Got my Letsencrypt beta invite and setup my 1st trusted Letsencrypt SSL certificate on my Centmin Mod LEMP stack (working on fully automated integration) via Letsencrypt webroot authentication method https://community.centminmod.com/posts/19914/ :)

    https://le1.http2ssl.xyz

    Nice! It is indeed a 90 days certificate. Have fun. I'll hang around with 1y WoSign.

  • eva2000eva2000 Veteran
    edited October 2015

    yeah 90 day renewals are inconvenient but with automation should be less of a problem

    if folks want to chime in, they can post on that matter at https://community.letsencrypt.org/t/maximum-and-minimum-certificate-lifetimes/264/

  • Mahfuz_SS_EHLMahfuz_SS_EHL Host Rep, Veteran
    edited October 2015

    Path 2:

    Isn't Required. Why they kept this in thid way ??

Sign In or Register to comment.