[rabbitfang48]

> 2) Give that you can get LE certs for free and use certbot for auto-renewal, why is anyone purchases certs anymore ?

Let's Encrypt only offers Domain Validation certificates, not Organization Validation or Extended Validation (green bar) certificates [1]. The certificates themselves are only valid for 90 days, which might pose a problem for organizations where their infrastructure makes changing certificates difficult or time consuming. LE does not offer wildcard certificates [1], and there is a rate limit of 20 certificates per week per registered domain [2], so organizations with too many domains won't be able to use LE for all their certs.

[1]: https://letsencrypt.org/docs/faq/ [2]: https://letsencrypt.org/docs/rate-limits/

[Torgo]

This is basically where I am. I have a VPN appliance I have to maintain. It's a manual process to update the certificate. Just about everything else I use runs LetsEncrypt, but this VPN box has a nine dollar cert from Namecheap because nine dollars is totally worth not having to manually deal with the certificate replacement more often than once a year.

[misiti3780]

interesting - thanks!