Subscribe to our email newsletter » Subscribe to our email newsletter to receive updates » Free chat room  |   Star on GitHub

Let’s Encrypt (Certbot) Support Is Finally Here

January 2, 2020

Although we mentioned a few weeks back that so many customization options are now supported that it would be difficult to announce them all individually, the latest support for Let’s Encrypt via the Certbot installation API is such a big feature (and has been requested for many months) that we are making a specific blog post just for this.

We thought it was the perfect way to start off 2020 by announcing Let’s Encrypt support! 🙂

We have been testing it for several weeks to ensure it was not only stable implementation, but that it received a consistent A+ grade on the SSL Labs testing tool as well.

Keep in mind that the primary goal of SlickStack will always be simplicity and stability. We want it to “just work” so that various integrations can easily be added as desired, but that core features are extremely stable. This means that OpenSSL will always be the recommended SSL certificate, unless at some point in the future SSL validation becomes A LOT easier than it is now. While Let’s Encrypt has done a decent job at making SSL free and (kind of) easy to install, it is still a very long way from being truly simple and easy to setup. Therefore OpenSSL, since it is included by default in both Ubuntu, and Nginx, and since it does not require any third party CA signing, it will remain our preferred SSL method. We are simply very lucky that CloudFlare’s free SSL proxy “signs” the OpenSSL self-signed certs because no other SSL proxy services do this currently… we are hoping more will in the future, but not yet.

Thus, with all this in mind, SlickStack considers Let’s Encrypt to be a “backup” SSL method… or a temporary SSL method for testing and development. We expect and assume that before you generate a Certbot SSL on your domain, that CloudFlare is already activated on your domain. In this manner, OpenSSL + CloudFlare is required to be setup prior to requesting Certbot so that Certbot can properly verify your domain ownership via /.well-known/ before proceeding… since SlickStack is HTTPS (port 443 only) there is no way around this currently.

In the future, we plan to support the DNS verification API from Certbot. That said, again, OpenSSL and CloudFlare is still our recommended default.

Thanks for your patience and all your feedback… let us know if any issues on our repo, or Spectrum Chat … etc.

Recent Blog Posts

The Last (Lightweight) CSS Reset You’ll Need

CSS resets have always been a pain in the neck, because of new elements and CSS options being released every few years. To make it more annoying, various browsers have decided to come up with their own default CSS settings in case they are undefined (and sometimes, even if they are defined). Since our team […]

Custom Cron Jobs (Unrestricted Code) Are Here

One of the most requested features ever, custom cron jobs, is finally here! A lot of developers who have come across SlickStack always say “this is awesome and super optimized but I still need the ability to add a few custom cron jobs” for a special API to import their WooCommerce products, or a third […]

Fastest WordPress Hosting (For Under $5/mo)

For over a decade, WordPress has continued to dominate the web hosting industry as small businesses and bloggers alike continue to seek out free and reliable CMS software that can easily be moved between web servers as needed, without being locked-in to any single platform or service. But in the past few years especially, high-tech […]