On 03/11/15 16:05, Ian Eiloart wrote:
>
>> On 3 Nov 2015, at 14:52, Jon Gerdes <gerdesj@???> wrote:
>>
>> Generating a self signed certificate at install time could be fraught
>> with problems: what if there is an insecure OpenSSL/LibreSSL/whatever
>> library installed and used?
>
> Rather than use a self-signed certificate, why not use LetsEncrypt.org to get a free domain bound certificate with widespread trust anchors?
> https://letsencrypt.org/getinvolved/
https://community.letsencrypt.org/t/frequently-asked-questions-faq/26
> Can I use certificates from Let’s Encrypt for code signing or email
> encryption?
>
> No. Email encryption and code signing require a different type of
> certificate than Let’s Encrypt will be issuing.
Not especially encouraging.
--
Jeremy