Comments
What's the advantage with a certificate from another provider than Let’s Encrypt? Wildcard is free and can be issued via ACMEv2 with DNS-Challenge.
There are actually great tools for centralized management as well - https://www.certwarden.com/
Namecheap has some offer going on. But you can get Let's Encrypt certs too; it supports wildcard very well. If you are okay with Let's Encrypt, try sslforweb or punchsalad; I have used both for wildcard SSL.
For lazy people like me who can't be bothered to change DNS values every 3 months for things like DANE TLS. I also use the certificate to access Windows RDP so it's really convenient to have the certificate replaced once a year instead of every 3 months.
Whichever server I could automate, I am using Let's Encrypt. I am looking for something longer than 1 year.
I understand, but you could automate changing the DANE TLS or the Windows RDP certificate using scripts too.
For example, with certwarden you can call the API and look for changes every X days using CRON, or you could set up a POST running script that does the work. For me this heavily reduces my work, as I already have ready scripts that I just copy onto a new server / software I set up and never think about again.
Some people (like me) just don't have the time for that (creating a script) and would rather just pay for it and get it over with. I also had some bad experiences with automation (like the process not triggering properly because there are times Let's Encrypt issuance servers are down/limited availability/API disruption) that I'd rather not have to deal with. Just deal with it once a year manually and it's done.
Keep in mind that what was once a manual cert replacement once per year, is about to change. You're good for a cert issued now in 2025, but beginning early 2026, newly issued certs for domain names start phasing into an eventual 47-day validity period.
Upcoming changes. Certs issued on & after:
It sucks, but replacing certs won't be a manual one-and-done yearly task anymore. We who run our own systems can manually replace certs every 6 weeks (and we're nerds so I get the fun in that), but it's likely to quickly get too burdensome and too risky, so everyone will find some automation to take care of it by 2029.
You can use a DNS provider (not registrar) supported by certbot, or self-host DNS. You don't need to move your whole DNS, as the DNS challenge entry can be a CNAME that points to differently hosted DNS.
That was not the problem, it was DANE TLS which includes the current public key of the cert.
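An added example (not part of any post in this thread) for the DANE point above: it computes TLSA record data with openssl and goes one step further by checking whether a renewed certificate actually changes the record. A `3 1 1` record hashes only the public key, so it changes only when the key changes. The host name, port and all certificates are constructed placeholders; key reuse at renewal is an assumption about how the ACME client is configured.

```shell
#!/usr/bin/env bash
# Added example: DANE TLSA data computed with openssl (RFC 6698 fields).
# mail.example.com and port 25 are placeholders; all certs are constructed test certs.

# Hex SHA-256 of the DER SubjectPublicKeyInfo: data for "TLSA 3 1 1".
tlsa_spki_sha256() {
  openssl x509 -in "$1" -noout -pubkey |
    openssl pkey -pubin -outform DER |
    openssl dgst -sha256 -r | cut -d' ' -f1
}

# Hex SHA-256 of the whole DER certificate: data for "TLSA 3 0 1".
tlsa_cert_sha256() {
  openssl x509 -in "$1" -outform DER | openssl dgst -sha256 -r | cut -d' ' -f1
}

# Zone-file line for a DANE-EE / SPKI / SHA-256 record.
tlsa_record() {  # args: host port cert.pem
  printf '_%s._tcp.%s. IN TLSA 3 1 1 %s\n' "$2" "$1" "$(tlsa_spki_sha256 "$3")"
}

# Constructed input: old.pem and renewed.pem share one key, rekeyed.pem has a new one.
make_demo_certs() {  # arg: output directory
  for k in key1 key2; do
    openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 \
      -out "$1/$k.pem" 2>/dev/null || return 1
  done
  openssl req -x509 -new -key "$1/key1.pem" -subj /CN=mail.example.com -days 47 -set_serial 1 -out "$1/old.pem" &&
  openssl req -x509 -new -key "$1/key1.pem" -subj /CN=mail.example.com -days 47 -set_serial 2 -out "$1/renewed.pem" &&
  openssl req -x509 -new -key "$1/key2.pem" -subj /CN=mail.example.com -days 47 -set_serial 3 -out "$1/rekeyed.pem"
}

# Exit status 0 when the published 3 1 1 data no longer matches the certificate.
tlsa_needs_update() {  # args: published_hex cert.pem
  [ "$1" != "$(tlsa_spki_sha256 "$2")" ]
}

dir=$(mktemp -d) && make_demo_certs "$dir" || exit 1
published=$(tlsa_spki_sha256 "$dir/old.pem")
tlsa_record mail.example.com 25 "$dir/old.pem"
for c in renewed rekeyed; do
  if tlsa_needs_update "$published" "$dir/$c.pem"; then
    echo "$c: key changed, publish the new TLSA record before deploying the cert"
  else
    echo "$c: same key, existing TLSA record still valid"
  fi
done
```

A `3 0 1` record, by contrast, hashes the whole certificate and changes on every renewal, which `tlsa_cert_sha256` makes visible.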
RapidSSL Wildcard DV **10% off** Cheers
order: https://billing.tudcloud.com/black-week-and-1111
Root CA from EU with consistent prices for Wildcard:
https://shop.certum.eu/commercial-ssl-certificate.html