When: Tue April 11, 2017 07:30 PM to 09:00 PM
Speaker: Allan Cecil
Location: O'Reilly Media
Description: Let’s Encrypt is a way for anyone to enable TLS (as in, HTTPS) support to a webserver at no cost. However, there are many security considerations involved with everything from certificate renewal to safe handling of the various files involved. In this talk and live demo I’ll cover how to create a reverse proxy using the nginx webserver that simultaneously allows multiple webservers to exist at one IP address and show how isolating Let’s Encrypt to a different system increases security. The talk will also cover more secure (and less risky) methods of automatic key renewal than the official, somewhat invasive renewal tool.