On Sat, Sep 24, 2016 at 8:54 PM, ilf <i...@zeromail.org> wrote: > I wonder why the suckless-websites are only available in HTTP, not in HTTPS. > In the age of letsencrypt.org, there aren't a lot of valid excuses against > TLS. Am I missing one from a suckless-philosopy? Or has this just never been > requested? > > I for one would love to see unencrypted communications on the internet die. >
I agree, It would be nice to have. There is a ACME client to use with Letsencrypt which is really nice, it is written in C (as opposed to the official client or third-party python tools): https://kristaps.bsd.lv/acme-client/ . It is in OpenBSD -current base now, but it is also portable to Linux and other platforms. Using a cronjob the certificate can be automatically renewed (valid for 3 months). The command I use is similar to this: acme-client -v -F -f account.key -k /etc/ssl/private/private.key -c . -C /var/www/domains/challenges/htdocs/.well-known/acme-challenge # <reload httpd> Kind regards, Hiltjo
