Return to site


About Let's Encrypt

· 途·Develop


百度于2018-02-05 发布《HTTPS改造的必要性》,我厂网站于3月7日到9日进行了网站运行环境的改造,以完成https改造。

在改版前首先了解了一下各种商业CA证书市场普遍售价为2k-5k/年。这个过程中发现了Let's Encrypt

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit.

它由Internet Security Research Group (ISRG)提供支持。特性如下

  • Free(免费): Anyone who owns a domain name can use Let’s Encrypt to obtain a trusted certificate at zero cost.
  • Automatic(自动化): Software running on a web server can interact with Let’s Encrypt to painlessly obtain a certificate, securely configure it for use, and automatically take care of renewal.
  • Secure(安全): Let’s Encrypt will serve as a platform for advancing TLS security best practices, both on the CA side and by helping site operators properly secure their servers.
  • Transparent(透明): All certificates issued or revoked will be publicly recorded and available for anyone to inspect.
  • Open(开放): The automatic issuance and renewal protocol will be published as an open standard that others can adopt.
  • Cooperative(共赢): Much like the underlying Internet protocols themselves, Let’s Encrypt is a joint effort to benefit the community, beyond the control of any one organization.


网站采用的是Wordpress+Let's Encrypt+Docker+daocloud.io实现的https改造。这为以后网站的扩展提供了良好的自动化基础。


All Posts

Almost done…

We just sent you an email. Please click the link in the email to confirm your subscription!