Comments on: Automatic TLS is now a thing https://blog.nearlyfreespeech.net/2024/05/10/automatic-tls-is-now-a-thing/ A blog from the staff at NearlyFreeSpeech.NET. Wed, 29 May 2024 20:55:48 +0000 hourly 1 By: venteria https://blog.nearlyfreespeech.net/2024/05/10/automatic-tls-is-now-a-thing/#comment-29996 Wed, 29 May 2024 20:55:48 +0000 https://blog.nearlyfreespeech.net/?p=806#comment-29996 Thank you!!! Great feature

]]>
By: gellenburg https://blog.nearlyfreespeech.net/2024/05/10/automatic-tls-is-now-a-thing/#comment-29994 Sat, 18 May 2024 02:18:45 +0000 https://blog.nearlyfreespeech.net/?p=806#comment-29994 Well look at that. 😉 Niiice! (And sorry for the hassle in the support forums.)

]]>
By: jdw https://blog.nearlyfreespeech.net/2024/05/10/automatic-tls-is-now-a-thing/#comment-29993 Fri, 17 May 2024 19:17:07 +0000 https://blog.nearlyfreespeech.net/?p=806#comment-29993 In reply to bendodge.

It waits for DNS to be set up correctly before trying in the first place, then retries fairly aggressively (with exponential backoff) if needed. Much moreso than tls-setup.sh did.

However, we are also still working through the weird edge cases you get when reality doesn’t match the OT&E, and that occasionally leads to delays until we figure it out. That’s likely what you experienced. -jdw

]]>
By: bendodge https://blog.nearlyfreespeech.net/2024/05/10/automatic-tls-is-now-a-thing/#comment-29992 Fri, 17 May 2024 18:21:15 +0000 https://blog.nearlyfreespeech.net/?p=806#comment-29992 Deployed a new site with domain’s DNS still pointing at old host. Set up content, then switched over DNS.

Automatic TLS didn’t set up correctly because DNS was wrong. Now that it’s correct, I see no way to retry. Guess I just wait.

Doesn’t this present a problem for anyone attempting a fast cutover between hosting providers?

]]>
By: jdw https://blog.nearlyfreespeech.net/2024/05/10/automatic-tls-is-now-a-thing/#comment-29991 Sat, 11 May 2024 14:54:22 +0000 https://blog.nearlyfreespeech.net/?p=806#comment-29991 In reply to Tim McCormack.

That’s correct. That requirement was why we didn’t think we could do this, but it turns out that they’re happy to allow us to do that as long as we’re the ones holding the private keys. -jdw

]]>
By: Tim McCormack https://blog.nearlyfreespeech.net/2024/05/10/automatic-tls-is-now-a-thing/#comment-29990 Sat, 11 May 2024 11:34:27 +0000 https://blog.nearlyfreespeech.net/?p=806#comment-29990 Very cool! Thank you so much.

I imagine that the service provider integration also involves Let’s Encrypt waiving their individual Terms & Conditions signoff that they would normally require each user to do (besides any technical integration.)

]]>
By: Andrew Guyton https://blog.nearlyfreespeech.net/2024/05/10/automatic-tls-is-now-a-thing/#comment-29989 Sat, 11 May 2024 04:20:48 +0000 https://blog.nearlyfreespeech.net/?p=806#comment-29989 That’s awesome, thank you!!

]]>
By: MiquelFire https://blog.nearlyfreespeech.net/2024/05/10/automatic-tls-is-now-a-thing/#comment-29988 Sat, 11 May 2024 03:00:58 +0000 https://blog.nearlyfreespeech.net/?p=806#comment-29988 I was wondering why I saw that icon on one of my sites when I looked today.

]]>