When I first set up this blog I got an SSL certificate from StartCom’s StartSSL authority, simply because it was the easy way to just get a site on HTTPS.
However, StartCom has recently fallen out of favour with browser vendors, starting with Mozilla and now Chrome. If you haven’t been following the world of certificate authority politics, the story starts with a CA called WoSign. A university sysadmin made tech news earlier this year after revealing that WoSign had issued him a certificate for github.com, a domain he did not control. That is a pretty big deal on its own, and Mozilla’s investigation into WoSign raised further concerns about both WoSign’s mistakes and its handling of those mistakes. One of those concerns is this:
[In November 2015] WoSign purchased the CA “StartCom” and did not disclose the transaction as a change of ownership, which we believe violates section 5 of the Mozilla CA Certificate Maintenance Policy. Furthermore, when this clause was brought to their attention, they denied that any changes fell under it, and they attempted to suppress further information about the ownership transfer when it was brought to the community’s attention.
A couple of weeks ago Mozilla announced that Firefox will be phasing out support for both WoSign and StartCom certificates. Chrome made a similar announcement a week later.
So, instead of renewing my StartSSL certificate, I’ve switched to Let’s Encrypt. Let’s Encrypt went into public beta at the end of 2015 as a radically new kind of CA, trying to make it as easy as possible for domain owners to get certificates (for free!) to encourage wider use of HTTPS. I really liked some of their ideas. Making certificate expiry and renewal a regular, automated event (instead of a highly manual, easy-to-forget rare event) makes a lot of sense: short-lived certificates limit the damage from a leaked key, and a renewal that runs every couple of months can’t quietly rot the way a three-year one can. On the other hand, there are several ways Let’s Encrypt could screw up, so I was wary of jumping in too fast. They could have been compromised by attackers, or, through mismanagement, turned into the CA version of co.cc domains or something.
But Let’s Encrypt is out of beta and has been running for about a year now. Using their certificates for my personal blog is a good way to kick the tyres on this new approach to certificate management.
Let’s Encrypt certificates are managed on a server simply by running a software client for their ACME protocol. There are several ACME clients available, but I’m using acme-tiny for now. It’s a simple client in about 200 lines of Python. Being simple makes it flexible and easy to integrate with existing systems, and it doesn’t even require root privileges for the regular certificate generation: it only needs to read the account key and CSR and to write the challenge response into a directory your web server already serves. (Installing the new certificate and reloading the web server are separate steps, and those may well need root.) Some other clients are meant to be a bit more “turn-key”, but that comes with a lot less flexibility and more dependencies. If you’re comfortable with general server administration, setting up acme-tiny is probably about as much effort as using one of the other options.
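To make concrete what a client like acme-tiny actually does during the domain-validation step, here is an added example (my own illustration, not code from this post or from the acme-tiny project) of the HTTP-01 challenge mechanics: the RFC 7638 thumbprint of the account key, the key authorization string the client has to serve under /.well-known/acme-challenge/, the unprivileged file write that is all the client needs on the server side, and the comparison the CA performs when it fetches that URL. The JWK below is a constructed placeholder, not a real RSA key (the thumbprint is computed over the JSON text, so the mechanics are identical for a real one; acme-tiny gets n and e for a real account key by parsing the output of `openssl rsa -noout -text`). The function names are mine.

```python
import base64
import hashlib
import json
import os
import re

# Constructed sample account key as a JWK. These values are placeholders, NOT a
# real RSA key; a real client would build this from the account private key.
SAMPLE_ACCOUNT_JWK = {
    "kty": "RSA",
    "e": "AQAB",
    "n": "constructed-sample-modulus-not-a-real-key",
}

# ACME tokens are base64url; anything else must never be used as a filename,
# otherwise a hostile or buggy CA response could become a path traversal.
TOKEN_RE = re.compile(r"^[A-Za-z0-9_-]+$")


def b64url(data: bytes) -> str:
    """Base64url without '=' padding, as JOSE/ACME require."""
    return base64.urlsafe_b64encode(data).decode("ascii").rstrip("=")


def jwk_thumbprint(jwk: dict) -> str:
    """RFC 7638 thumbprint of a public JWK.

    Only the required public members are hashed (kty/n/e for RSA,
    kty/crv/x/y for EC), serialised with members in lexicographic order and
    no whitespace. Optional members such as 'alg' or 'kid' never change it.
    """
    required = {"RSA": ("e", "kty", "n"), "EC": ("crv", "kty", "x", "y")}[jwk["kty"]]
    canonical = json.dumps({k: jwk[k] for k in required}, sort_keys=True,
                           separators=(",", ":"))
    return b64url(hashlib.sha256(canonical.encode("utf-8")).digest())


def key_authorization(token: str, account_jwk: dict) -> str:
    """The body the client must serve: '<token>.<thumbprint of account key>'."""
    return f"{token}.{jwk_thumbprint(account_jwk)}"


def challenge_relative_path(token: str) -> str:
    """URL path the CA fetches over plain HTTP on port 80 of the domain."""
    return f"/.well-known/acme-challenge/{token}"


def is_safe_token(token: str) -> bool:
    """Reject tokens that are not plain base64url before touching the filesystem."""
    return TOKEN_RE.fullmatch(token) is not None


def write_challenge(challenge_dir: str, token: str, account_jwk: dict) -> str:
    """Drop the key authorization into the directory the web server exposes.

    This single file write is all the client needs on the server, so an
    unprivileged user who owns challenge_dir can run it without root.
    """
    if not is_safe_token(token):
        raise ValueError("refusing to use a non-base64url token as a filename")
    path = os.path.join(challenge_dir, token)
    with open(path, "w") as fh:
        fh.write(key_authorization(token, account_jwk))
    return path


def serve_from_webroot(challenge_dir: str, token: str) -> str:
    """Stand-in for the web server answering the CA's GET of the challenge URL."""
    with open(os.path.join(challenge_dir, token)) as fh:
        return fh.read()


def ca_validates(served_body: str, token: str, account_jwk: dict) -> bool:
    """What the CA checks: the fetched body equals the expected key
    authorization, proving control of the domain and of the account key."""
    return served_body == key_authorization(token, account_jwk)


def make_temp_challenge_dir() -> str:
    """A throwaway directory standing in for e.g. /var/www/challenges/."""
    import tempfile
    return tempfile.mkdtemp(prefix="acme-challenge-")


if __name__ == "__main__":
    webroot = make_temp_challenge_dir()
    token = "constructed-token-abc_-123"
    print("serve at", challenge_relative_path(token))
    path = write_challenge(webroot, token, SAMPLE_ACCOUNT_JWK)
    body = serve_from_webroot(webroot, token)
    print("CA would accept:", ca_validates(body, token, SAMPLE_ACCOUNT_JWK))
```

For this to work on a real server the challenge directory has to be reachable at that path over HTTP (for nginx something like `location /.well-known/acme-challenge/ { alias /var/www/challenges/; }`), and the CA fetches it on port 80 without following any HTTPS-only redirects you may have configured. Note that the same thumbprint is derived from the account key for every challenge, so the account key, not the domain key, is what a thief would need to pass validation on your behalf.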