Let's Encrypt
letsencrypt.org
Let's Encrypt is a free, automated, and open certificate authority brought to you by the nonprofit Internet Security Research Group (ISRG). Read all about our nonprofit work this year in our 2023 Annual Report.

Happy birthday to Let’s Encrypt !

Huge thanks to everyone involved in making HTTPS available to everyone for free !

    • xthexder@l.sw0.comEnglish
      4·
      7 months ago

      Oh man, I forgot about startssl until just now. I definitely had a few of those certs. If you wanted something fancy like a wildcard cert back then, you were paying $$$

        • xthexder@l.sw0.comEnglish
          3·
          7 months ago

          Wildcard certs are perfectly fine. Your own instance lemm.ee is using one right now.

          Obviously there could be issues if subdomains are shared with other sites, but if the whole domain is owned by 1 person, what does it matter?

            • pcouy@lemmy.pierre-couy.frOPEnglish
              2·
              7 months ago

              Having a certificate for any subdomain has implications for other sibling domains, even without a wildcard certificate.

              By default, web browsers are a lot less strict about Same Origin Policy for sibling domains, which enables a lot of web-based attacks (like CSRF and cookie stealing) if your able to hijack any subdomain