SSL certificates are a pain. Should there be a non-profit organization, like a library, that can issue free trusted certficates? Should they still cost?
Cornel Darden Jr.
Chief Information Officer
Casanova Information Services, LLC
Office Phone: (779) 205-3105
Mobile Phone: (708) 705-2945
Sent from my iPhone
> On Jan 14, 2016, at 1:20 PM, Eric Hellman <[log in to unmask]> wrote:
> A while back, the issue of needing a wildcard certificate (not supported by Lets Encrypt) for EZProxy was discussed.
> In my discussions with publishers about switching to HTTPS, EZProxy compatibility has been the most frequently mentioned stumbling block preventing a complete switch to HTTPS for some HTTPS-ready publishers. In two cases that I know of, a publisher which has been HTTPS-only was asked by a library customer to provide insecure service (oh the horror!) for this reason.
> It's been pointed out to me that while Lets Encrypt is not supporting wildcard certificates, up to 100 hostnames can be supported on a single LE certificate. A further limit on certificates issued per week per domain would mean that up to 500 hostnames can be registered with LE in a week.
> Are there EZProxy instances out there that need more than 500 hostnames, assuming that all services are switched to HTTPS?
> Also, I blogged my experience talking to people about privacy at #ALAMW16.
> http://go-to-hellman.blogspot.com/2016/01/not-using-https-on-your-website-is-like.html <http://go-to-hellman.blogspot.com/2016/01/not-using-https-on-your-website-is-like.html>
> Eric Hellman
> President, Free Ebook Foundation
> Founder, Unglue.it https://unglue.it/
> twitter: @gluejar