is a self signed certificate always invalid the first time?
Ralph Seichter
m16+dovecot at monksofcool.net
Fri Aug 18 12:58:22 EEST 2017
On 18.08.2017 08:58, Michael Felt wrote:
> as Ralph mentions in his reply - Let's encrypt certs are only for
> three months - never ending circus.
I don't consider the 90-day-lifespan a "circus". It is meant as a
security feature[1], and Let's Encrypt suggests using automation for
certificate renewal. Also, with ACME v2 on the horizon[2], I imagine
that more automation tools will become available.
[1] https://letsencrypt.org/2015/11/09/why-90-days.html
[2] https://letsencrypt.org/2017/06/14/acme-v2-api.html
Let's not forget that Let's Encrypt is still a young service, and that
it is free.
-Ralph
More information about the dovecot
mailing list