Blog / Security

Automatically generating and renewing Let's Encrypt SSL certificates with the certbot client and Ansible

August 11, 2016

I just finished updating my ansible-django-stack project and added tasks to automatically issue a Let's Encrypt SSL certificate and set up a cron job to auto-renew the certificate.

We're now using it for all our Shopify apps which are built in Django. Let's Encrypt certificates are only valid for 90 days, so if you have a bunch of web apps like we do and have more planned in the future, automating this process now could …

Read more

Generating free trusted SSL certificates with Let's Encrypt

July 19, 2016

I've always hated the idea of having to pay for SSL certificates. You could always generate them yourself for free with OpenSSL and they're just as secure as the paid ones. But if you're running a public-facing website, you're pretty much stuck and have to pay for one if you don't want your visitors seeing security warnings in their browser. At least that was the case until Let's Encrypt, a free certificate authority, came …

Read more

Certificate verify failure with version 2015.9.6.2 of the certifi package

October 12, 2015

I just spent the past hour trying to troubleshoot this error message I was getting from the requests package when communicating with the MailChimp API:

SSLError: [Errno 1] _ssl.c:510: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

I just provisioned a production server running Ubuntu 14.04 x64 for a new Django project and had been pulling my hair out trying to figure out why it was throwing this error when our stage server works perfectly. Finally I decided to …

Read more
Newer Older