Can Mendix add support for letsencrypt.org to obtain free signed SSL/TLS certificates for custom domains?

Question

Can Mendix add support for letsencrypt.org to obtain free signed SSL/TLS certificates for custom domains?

6

To enable HTTPS on your Mendix custom domain, you need to get a certificate from a Certificate Authority (CA). Signed certificates are not cheap--they can average $1,000 (USD) annually to obtain and renew each year. There is a free alternative to the widely accepted and expensive CAs:

From Let's Encrypt: Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG). We give people the digital certificates they need in order to enable HTTPS (SSL/TLS) for websites, for free, in the most user-friendly way we can. We do this because we want to create a more secure and privacy-respecting Web.

The key principles behind Let’s Encrypt are:

Free: Anyone who owns a domain name can use Let’s Encrypt to obtain a trusted certificate at zero cost.
Automatic: Software running on a web server can interact with Let’s Encrypt to painlessly obtain a certificate, securely configure it for use, and automatically take care of renewal.
Secure: Let’s Encrypt will serve as a platform for advancing TLS security best practices, both on the CA side and by helping site operators properly secure their servers.
Transparent: All certificates issued or revoked will be publicly recorded and available for anyone to inspect.
Open: The automatic issuance and renewal protocol is published as an open standard that others can adopt.
Cooperative: Much like the underlying Internet protocols themselves, Let’s Encrypt is a joint effort to benefit the community, beyond the control of any one organization.

The best way to use Let’s Encrypt without shell access to the web server is by using built-in support from your hosting provider (i.e. Mendix Cloud). If your hosting provider offers Let’s Encrypt support, they can request a free certificate on your behalf, install it, and keep it up-to-date automatically.

https://letsencrypt.org/getting-started/

asked 2024-03-08

Ned Gosaynie

2 answers

Shalimar Lake · Answer 1 · 2024-07-24

Peter, multiple times in the forums possibly but still not any movement from the development team in 6 years...

Peter Mudde · Answer 2 · 2024-03-11

Hi Ned, this idea is already found multiple times in the idea forum:

- https://community.mendix.com/link/space/security/ideas/398

- https://community.mendix.com/link/space/app-development/ideas/1872