I found out that Apache has had built-in support ( via a module - mod_md ) for automatic TLS certificate management with Let's Encrypt since October 2017.

Bloody Hell! Why didn't I hear of this sooner?

So, I ran off into my cloud to set up this so-called ManagedDomain ( mod_md ).

Found the module in the package repositories, installed it and started testing it out.
I started writing IfModule conditions under mod_ssl so that I wouldn't have to overwrite my existing TLS configurations ( which was already issued by Let's Encrypt via certbot, by the way ).

After a whole night of twisting and turning with the configurations, it turns out that the module in the package repositories was built for ACMEv1, and that API has been dead for as long as the module has been around.

I had noticed that the module was 'experimental', but I still hoped that they had packaged the module.

Finally, I cozied back up with certbot. At least, until this so-called mod_md becomes stable and mainstream.
I hope certbot doesn't make a fuss. I'm sure it got offended that I was trying to cheat it with mod_md.

  • 0
    I got excited for a moment :/
  • 0
    Meh, use caddy
  • 0
    @gronostaj Me too. That's why I jumped into it even though I was kind of tired for the night.

    The excitement of the imagination of having "managed" TLS ready-out-of-box on APACHE ( ! ) is what pushed me through the whole night.
  • 0
    @ebrithil I've used caddy, but I don't think it's ready for scale and prime-time.

    I love caddy's innovation. In fact, I've used it in many of my smaller-scale projects ( including the one that I'm currently working on ), but if it came to scale and production-grade stability, I'd rather pick apache or nginx.

    NB : I hope Matt isn't lurking around here. I don't want to offend him. That guy is one hell of a guy. He responded to 2 of my bug reports within minutes and fixed the bugs in under an hour. That's amazing dedication that I've not seen in open source.