What goes into providing free automatic SSL at scale? 🧵
◆ Let's Encrypt integration
◆ Auto challenge resolution based on DNS or HTTP
◆ Auto DNS record provisioning when using ZEIT DNS
◆ Monitoring LE API status and ACME protocol evolution
◆ Modern TLS support (1.3+)
◆ Scaling LE rate-limits and accounts with issuance growth
◆ Automated renewal process w/ liveness monitoring
◆ Emailing customers when their manual DNS changes interfere with LE challenge resolution
◆ Watchdog monitoring of the CDN edges for safety
◆ Secure key storage
◆ Enabling enterprise customers to upload custom certs
◆ Meeting an SLO of fast cert issuance regardless of spikes in customer demand
◆ Edge support for TLS session resumption and OCSP stapling for faster sites
◆ Keeping ciphers up-to-date
◆ Instant edge updates
You can follow @rauchg.