Let's Encrypt gets automation

Unblocking the open CA's client process

Hoping to expand the pool of Let's Encrypt testers, TrueCrypt audit project co-founder Kenneth White has run up a set of scripts to automate the process of installing certificates under the Mozilla-backed open CA.

White, co-director of the Open Crypto Audit Project, has posted the work at Github, here. He explains that the project is quite simple, consisting of Python scripts to “stand up the official Let's Encrypt certificate management ACME client tool” in the target environments.

These include Debian, Amazon's Linux (for AWS), CentOS, RedHat and FreeBSD.

White says while he considers Let's Encrypt to be an important project, at this early stage of development, the official client “can be fragile and error-prone on some systems”.

Having had to batter his own head against the client, White writes, he says he cleaned up the process in his scripts to make Let's Encrypt more accessible to other users.

He notes that Let's Encrypt should still be considered in-development, and warns against running either the Let's Encrypt client or his scripts in production systems:

“LE is still in beta and has some rough edges”, White notes, “including silently invoking sudo and installing quite a few development packages”.

Let's Encrypt was established at the end of 2014 by Mozilla with the backing of Cisco and the Electronic Frontier Foundation. Its aim is to give a push to the encrypt-everything movement, by making certificates available to those who can't afford to buy certificates from commercial CAs.

The group issued its first certificates in July this year, and in October was recognised as a CA by the world's major browser vendors.

Let's Encrypt is currently running as an invitational beta. ®

Biting the hand that feeds IT © 1998–2018