Thanks, forwarding to Wirah now

certbot certonly mother fucker

lol this reminded me to update my own certificates, and man, what a trip

every time i do it i think i have it figured out, every single time it seems like the process i used the last time, fails to work. so i just throw commands at my prompt until i can cat foo.crt and bar.key (why the fuck do half these programs spit out thirty different kinds of filetypes, mother fuck)

was pleasantly surprised this time around though, after working out some kinks i found that there was a windows program ('certify the web' is its name) that was fairly straightforward (aside from having to dig around in my windows certificates to find these shitty certs) - especially since it supported api hooks for larger hosts, which meant i was able to use my godaddy api keys to let the program do the dns validation automatically, which was nice. when i try to do it manually, its a fucking crapshoot, idk whats up with that. acme tells me it doesn't see the txt entry over and over as i slowly descend into that level of rage reserved for people who code, the rage that comes from typing the same command ten different times, and getting ten different results

web servers should build it in. gotta be pretty high on the list of causes of downtime.

i figure prior to google going hardline with their decision to make chrome bitch and moan when visiting a non-ssl webserver, combined with the (imo) insane profit margins possible made by selling certs, there was relatively low incentive to improve the usability or convenience of ssl certs

but i mean, even three months ago it was a nightmare to even attempt to self-cert for someone like me, who mainly uses windows, and doesnt have root access to the server i pay for. i'd wager we'll be seeing a nice shift, and now im thinking about it, i wanna say im definitely seeing more hosts typically offer at least a year of free ssl in their signup deals, as well as reducing the requirements for free certs down from the upper tiers of various subscriptions, where you might be able to have that option as part of something in the $20/month range if you did some shopping. on top of that the no-cost options are becoming easier and easier as the demand for letsencrypt certs rises, it aint quite at a level that joe fuckface could use, but if youve ever done something like use a crack to play a game, you probably have the know-how to get a cert

if i had any business sense i'd exploit the current moment and make some money offering my services to smaller sites, offering it at a discount of the usual ~100 dollar range, and then just lets encrypt shit until someone wrote a cease and desist

i double clicked my chrome button and waited the mandatory 5 minuites on my 10 year old laptop. no user input, still able to use paint on occasion. still single though, wadup