Re: how to use the ktls

From: Freddie Cash <>
Date: Mon, 27 Jan 2020 08:40:45 -0800
On Sun, Jan 26, 2020 at 12:08 PM Rick Macklem <> wrote:

> Oh, and for anyone out there...
> What is the easiest freebie way to test signed certificates?
> (I currently am using a self-signed certificate, but I need to test the
> "real" version
>  at some point soon.)

Let's Encrypt is what you are looking for.  Create real, signed,
certificates, for free.  They're only good for 90 days, but they are easy
to renew.  There's various script and programs out there for managing Let's
Encrypt certificates (certbot,, dehydrated, etc).  There's a bunch
of different bits available in the ports tree.

We use dehydrated at work, using DNS for authenticating the cert requests,
and have it full automated via cron, managing certs for 50-odd domains
(school servers and firewalls).  Works great.

Freddie Cash
Received on Mon Jan 27 2020 - 15:40:59 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:22 UTC