02-27-2020, 09:37 AM
(This post was last modified: 02-27-2020, 11:44 AM by Jose Nilton Pace.)
Hi guys!
Next IntraWeb version will handle the whole Let's Encrypt certificate generation process. Let's Encrypt (https://letsencrypt.org/), in their own words is "A nonprofit Certificate Authority providing TLS certificates to 180 million websites". Let's Encrypt certificates are 100% free.
We created a new ACME client, written in Delphi, which will be part of IntraWeb Ultimate and 100% integrated to the IntraWeb application. It will be able to fully handle Let's Encrypt HTTP-01 Challenge (https://letsencrypt.org/docs/challenge-types/), including: generation of key pairs and CSR (Certificate Signing Request), handling of the challenge itself (saving a challenge file in a specific folder and responding to Let's Encrypt request), downloading the Certificate from Let's Encrypt server and installing it (depending on your deployment type).
When done manually, the whole certificate process is *painful* and needs to be repeated every 3 months or less (LE certificates need to be renewed every 3 months). Also, if you are using other paid Certificate Authority, it can cost you up to a couple of hundreds *per year* for a simple certificate...
In short: all IW applications can benefit from SSL/HTTPS security with almost ZERO human intervention and very low maintenance! A really cool feature that will save you lots of work and also money!
First version will be ready for testing in a few days.
Stay tuned!
Next IntraWeb version will handle the whole Let's Encrypt certificate generation process. Let's Encrypt (https://letsencrypt.org/), in their own words is "A nonprofit Certificate Authority providing TLS certificates to 180 million websites". Let's Encrypt certificates are 100% free.
We created a new ACME client, written in Delphi, which will be part of IntraWeb Ultimate and 100% integrated to the IntraWeb application. It will be able to fully handle Let's Encrypt HTTP-01 Challenge (https://letsencrypt.org/docs/challenge-types/), including: generation of key pairs and CSR (Certificate Signing Request), handling of the challenge itself (saving a challenge file in a specific folder and responding to Let's Encrypt request), downloading the Certificate from Let's Encrypt server and installing it (depending on your deployment type).
When done manually, the whole certificate process is *painful* and needs to be repeated every 3 months or less (LE certificates need to be renewed every 3 months). Also, if you are using other paid Certificate Authority, it can cost you up to a couple of hundreds *per year* for a simple certificate...
In short: all IW applications can benefit from SSL/HTTPS security with almost ZERO human intervention and very low maintenance! A really cool feature that will save you lots of work and also money!
First version will be ready for testing in a few days.
Stay tuned!