Let’s Encrypt Certificates For Everyone

We have been issuing and automatically installing Let's Encrypt® certificates for a while now. The only manual thing was the trigger of this process. But today, we are glad to announce fully automated Let's Encrypt certificates for everyone!

When you add a domain — which targets Clever Cloud — to an application; it will have its own certificate a few minutes later (up to 12 minutes later).

This has been live since 2018-11-16. Hundreds of certificates have been issued since then. This has been possible thanks to Let's Encrypt, who also extended their rate limiting on their API.

How do we do this?

As explained in the previous blog post, queries to the path used by Let's Encrypt to check the ownership of the domain are routed to our Let's Encrypt integration service. This allows us to process the Let's Encrypt queries, get the certificate and give it to our certificates manager.

Here is what's new. Once a user adds a new domain, we periodically check that we can reach our Let's Encrypt integration service. When we do, we start the usual process et voilà.

What if I want another kind of certificate?

That's not a problem:

If you already have a certificate, we will not create a Let's Encrypt certificate.

How about existing domains?

Existing domains which do not yet have a certificate will all get a Let's Encrypt certificate.

This will be done over the next weeks to come. We can't do this in a single batch for two reasons:

  • Let's Encrypt rate limiting (we have extended limits but we still cannot send such a big batch all at once)
  • We need to spread this out so that we don't have a big batch of renewals every 3 months

If you don't want to wait, you can simply ask us to enable it.

Next steps

There are a few things yet to come:

  • Interface in the console to track the status of the certificates
  • Support of wildcard certificates (which will not be quite as automatic because it requires DNS validation; this will require an action from you at first)

One last thing

We are now proud sponsors of Let's Encrypt!

Blog

À lire également

Clever Tools: a year of enhancements for your deployments, on the road to v4

A command line interface (CLI) is at the core of developer experience. At Clever Cloud, we have been providing Clever Tools for almost 10 years.
Engineering Features

Otoroshi with LLM: simplify your API and AI service management on Clever Cloud

Your applications and services are evolving in an increasingly complex environment, requiring effective management of APIs and interactions with artificial intelligence models such as the very popular LLMs (Large Language Models).
Features

Markitdown-as-a-Service: from AI to production on Clever Cloud

Every day, new tools are released, AI brings new perspectives, you have new ideas. It's one of Clever Cloud's missions to help you to develop and test them in real-life conditions, effortlessly, before making them available to everyone.
Engineering