From my review of letsencrypt, it seems to require running code on the endpoint. If my endpoint is an embedded device (e.g. a brocade load balancer), how do I go about getting a letsencrypt cert?
Asked
Active
Viewed 150 times
0
-
1well, you could update the cert every 90 days... – Jacob Evans Jan 11 '17 at 05:10
-
why not use an internal CA, or a reverse proxy with LE – Jacob Evans Jan 11 '17 at 05:13
2 Answers
0
You will have to use another device to get the certs from LE and then update the embedded deice manually or if available via a script.
user9517
- 115,471
- 20
- 215
- 297
0
Let's Encrypt doesn't require any code running on the device. You can use DNS-based domain-control validation (set a special TXT record) to demonstrate control, then issue certs as needed. It is highly recommended that you have some automated means of updating the certificates, since they expire every 90 days, but that doesn't mean running code on the device -- it could be a script to login and configure a new cert/key.
womble
- 96,255
- 29
- 175
- 230