• 0 Posts
  • 7 Comments
Joined 1 year ago
cake
Cake day: October 27th, 2023

help-circle
  • Open WebUi supported a dozen or so search engines out of the box the last time I looked, most emanating from a feature request on github commented on by well engaged users of the software. If your fave search engine isn’t supported there are well documented how-tos on rolling your own. Check the community plugins as well - someone may have posted something, or an existing one could be adapted. GL


  • I work for a global enterprise company that transacts hundreds of millions of dollars via LE certs.

    The B2B use case isn’t quite what I was referring to with respect to the type of trust required for first time or consumer transactions such as ecommerce. That said, this enterprise doesn’t sound federally regulated at all because if it were, it wouldn’t be using Let’s Encrypt.


  • Let’s encrypt makes sure you control either the domain or a server the domain points to

    ‘ Control’ but not own, which leaves it open to criminal activity. In contrast, a SSL certificate authority will ask for multiple pieces of ID for corporate registrants including articles of incorporation.


  • d416@lemmy.worldtoSelfhosted@lemmy.worldPaid SSL vs Letsencrypt
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    2 months ago

    hey I don’t make the trust rules. ZScaler is trash imo but hundreds of thousands of clients are ‘protected’ by their trust rules. People downvoting my post because it doesn’t wash with ‘the way things should be’ but in reality SSL certs are like email providers these days - if you aren’t paying with one of the big corps, a good portion of your web traffic (or email) might be blocked. Sad but true. There is a reason Let’s Encrypt and Cloudflare et al are heavily used by Crypto sites, and that is due to the anonymity they provide. If all you care about is encrypting traffic, use Let’s Encrypt. If you care at all about perception of trust, use paid SSL. simple.

    we have Fortune 100 companies served with LetsEncrypt certs

    these are subdomains of a verifiably certified root domain no doubt


  • d416@lemmy.worldtoSelfhosted@lemmy.worldPaid SSL vs Letsencrypt
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    2 months ago

    Let’s encrypt, and any other ACME based certificate of authorities will let anyone without identity verification create a SSL cert that will work in any browser. This creates trust issues with certain clients browsing web. For example my work (50k+ employees) uses Zscaler to evaluate if a website is safe and it 100% will down-votes any site that uses let’s encrypt due to the lack of transparency. Zscaler will eventually block that website from employees if the score falls too low. Having an SSL cert that you pay for gives cyber security, firms - rightly or wrongly - an additional level of confidence that your identity has been verified.

    Full disclosure: I use let’s encrypt on all my self hosted docker instances via Coolify which suits my needs. If I were to set up an ecommerce or other site that needs to guarantee trust, I would absolutely use a paid ssl cert.