Jump to content

Amazon Echo added IFTTT


Scottmichaelj

Recommended Posts

Posted

FYI, letsencrypt is now live.  Free valid certs for all :-P

Unfortunately for those of us who wish to use a trusted cert on our ISY, we're out of luck since the ISY doesn't support intermediate certs which to my knowledge all CA's have moved to. That said, this is of little benefit until support is added...

Posted

 

 

Unfortunately for those of us who wish to use a trusted cert on our ISY, we're out of luck since the ISY doesn't support intermediate certs which to my knowledge all CA's have moved to. That said, this is of little benefit until support is added...

I'm told this might just be on its way...... Not that letsencrypt will work - it requires their custom client, and only issues 90 day certs.

Posted

Hello everyone,

 

Intermediate certs are now functional and doing alpha testing. Should be available shortly.

 

With kind regards,

Michel

Michel,

 

Do you happen to know if installing a cert (and now intermediates) is doable via the ISY REST API?

Posted

Hello everyone,

 

Intermediate certs are now functional and doing alpha testing. Should be available shortly.

 

With kind regards,

Michel

Thank you!!! :)
Posted

Hello everyone,Intermediate certs are now functional and doing alpha testing. Should be available shortly.With kind regards,Michel

Michel, that is great news! That said, should we expect to see this in the next beta or will it follow a different upgrade path?

 

Thanks for all that you do!

Chuck

Posted

Http://letsencrypt.org is the main site for it. They are looking at free automated ssl certs.

 

Since it sounds like the cert stuff is not exposed via the rest interface, would it be possible for a module to implement the api for letsencrypt?

 

Steve

 

Sent from my XT1045 using Tapatalk

Posted

There is an open source client for letsencrypt (https://github.com/letsencrypt/letsencrypt). On the site, it says:

 

The Let's Encrypt Client is a fully-featured, extensible client for the Let's Encrypt CA (or any other CA that speaks the ACMEprotocol) that can automate the tasks of obtaining certificates and configuring webservers to use them.

 

I don't (yet) know what the 'ACME' protocol it, but it looks like this is the protocol that would need to be added to the ISY (or Admin Console) to effect free publically trusted certificates.

 

Preference would be on the ISY itself - they are short lifetime certificates. They really want the appliance to self maintain them.

 

As I've mentioned before, if ISY is able to do this, UDI will seriously reduce support incidents for users setting up SSL.

 

Michael.

 

Edit: ACME is a json over SSL protocol. Looks easy enough! https://en.m.wikipedia.org/wiki/Automated_Certificate_Management_Environment

 

The overall idea is that it's nearly as easy to deploy with a CA-issued certificate as a self-signed certificate, and that once the operator has done so, the process is self-sustaining with minimal manual intervention. Close integration of ACME with HTTPS servers, for example, can allow the immediate and automated deployment of certificates as they are issued, optionally sparing the human administrator from additional configuration work.

https://github.com/ietf-wg-acme/acme/blob/master/draft-ietf-acme-acme.md

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing

    • No registered users viewing this page.
  • Who's Online (See full list)

    • There are no registered users currently online
  • Forum Statistics

    • Total Topics
      37.2k
    • Total Posts
      372.4k
×
×
  • Create New...