Switch to BuyPass as cert provider? #165
Labels
No Label
administration
Akkoma
Android
Bare metal
bug
Communication
Community
Cryptpad
Discussion
Documentation
duplicate
enhancement
etherpad
Feature request
Feedback
finances
Fixed
forgejo
fun_project
Goal 2024
help wanted
Howto
🤔️ Investigate
ios
jitsi
lacre
Lacre Test
ldap
Lemmy
LibreTranslate
low prio
Lufi
macos
Mail
Merch
monitoring
movim
needs_refine
New Auth
Nextcloud
nice to have
on hold
proposal
question
Ready
refined
Roundcube
searX
spam-protection
Staging Server
Themes
TOR
Urgent!
Website
windows
wontfix
xmpp
Yearly Report
No Milestone
No project
3 Participants
meaz
avg_joe
antilopa
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: Disroot/Disroot-Project#165
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Due to latest issues with letsencrypt, older devices have problems with using disroot services due to lack of support for new root certificate. One of the solutions would be to change provider of certificates. As suggested by selea we could switch to BuyPass certs. We could still use certbot so not much issues would be required. Question is, if we want to change form letsencrypt to something else.
I think we should check what are the cons of the switch. Get to know more about the company behind it etc. Would be nice if someone could take on that one to do some investigation.
Is there any way I can help with this? The Wikipedia page is a stub whose only sources are pages from the company's own website, but this one could be useful for identifying some of the boxes that free ACME certs from Buypass do and don't tick:
https://www.buypass.com/ssl/products/acme
thanks @strypey I will check this out. I am a bit busy this week so not sure I can properly look into it. Just out of curiosity. Removing and recnfiguring deltachat does not help? On nextcloud's ios app that dd the trick as old root cert was just cached and that was the reason.
Well, Let's Encrypt is a non-profit provider while Buypass is not to begin with. I'm not sure about this move to be honest. Also Buypass certs has a 80 €/year cost if I get it right.
@fede
They also have paid plans, yes, but what's being proposed here is the gratis plan (using ACME, no charge). See the link in my first comment.
Hi, @strypey! Thanks for the clarification.
I still don't understand what would be the difference (besides what I noted before about the kind of organizations they are). I couldn't find information about what @muppeth mentioned (older devices cert support).
Looks like buypass does not allow more then 5 certs per domain, which makes it unusable for us. Since it's issuer for profit it makes sense why they impose such restrictions and does not look like they will change it at any point.
@strypey don't you have possibility to upgrade to lineage? I know this sucks, but non valid ssl is just a sign to consider upgrading software. Soon we will be (as most of the internet) phasing out old version of TLS and such and your problem of running very outdated sfotware will only increase.