New Ranks & Badges For The Community!
Notice something different? The ranks and associated badges have gone "Star Fleet". See what they all mean HERE

support for Let's Encrypt

Idea ID 2779437

support for Let's Encrypt

I like to see built in support for Let's Encrypt (https://letsencrypt.org/) all user/device facing interface in Groupwise like web access, gms etc.
You can ofcource allready use Let's Encrypt certificates so what's i needed is a mechanism for automatically monthly update of the certificates.

/Lennart
4 Comments
Absent Member.
Absent Member.
Ability to use any PGP/GPG process would be great...there are several tools out there that can help manage PGP/GPG infrastructure...so simply the ability to import/update the keys and utilitze for signing/encryption.
Absent Member.
Absent Member.
I too would like to see it baked in as an option. dsapp now has some support for implementing Let's Encrypt for GMS. As for Webaccess, it is strait forward apache that handles the encryption which is well documented at Let's Encrypt. As for the rest of the agent to agent (POA, MTA, etc..) I think it could be done and not to dissimilar to how I've already done it in GMS (just before it was added to dsapp) so some scripting work and testing is in order by anyone who wants to create a CoolSolution. @HutcH H you want to check out the other Idea 1384 This idea is about the SSL/TLS encryption among the agents, where as PGP/GPG is client to client that Idea 1384 addresses and could use your vote. These two encryption methods are totally separate but complimentary. https://ideas.microfocus.com/MFI/mf-gw/Idea/Detail/1384
Commander
Commander
Is this really necessary? I would just put a reverse proxy in front and handle all the certificate stuff at the proxy level.
Cadet 1st Class
Cadet 1st Class
Let's Encrypt is able to do the certificate-refresh just using bash / python scripting. So I'm using a cronjob asking once a week for a new certificate - inluding propagation to GW mobility service and sending error messages in case of an unexpected Let's Encrypt messages.
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.