Nice to have, let's encrypt

8

This is nothing more then a nice to have. 

Let's encrypt support baked into Kemp. 

(Someone made a guide on how to integrate, but this requires an external server: https://blog.ganser.com/automate-lets-encrypt-certificate-renew-and-deployment-to-kemp-loadbalancer/ )
However this is not a perfect way to do it. Using DNS validation this could be made to work with Kemp.  

11 comments

Avatar
0
Mark Hoffmann -- Technical Product Manager, LoadMaster Product Owner

Hi and thank you for posting your request!

I see that we have had a few requests in the past for this functionality, but it has not been taken up by development yet. I'll add your vote to the existing request and will follow up here when the status of the request changes.

Best regards,

Mark

Avatar
0
w.vanbrakel

Hello,

 

Adding let's encrypt support directly from a loadmaster would be a great feature. Especially if it would be available from API.

It would make our lives a lot easier when adding ssl applications for our customers.

 

Thanks

Avatar
0
Mark Hoffmann -- Technical Product Manager, LoadMaster Product Owner

Hi and thank you for adding your vote to this request!

I've updated the current story with your vote and will post here again when the status of the request changes.

Best regards,

Mark

Avatar
0
thomas.dohl

Hello support,

I would be very interested in this function too.

Best regards,

Thomas Dohl

Avatar
0
Mark Hoffmann -- Technical Product Manager, LoadMaster Product Owner

Hi and thanks for posting!

I updated the open feature request with your vote. As soon as there is any new information available, I will post here again.

Best regards,

Mark

Avatar
0
d.pennings

opt me in too!

Avatar
0
IT Administrator

Creating a new DEV environment in Azure using Kemp 7.2.44.0.16685 and can't use existing PROD SSL certs. Would love to be able to utilize Let's Encrypt for free certs. Is this functionality available yet? If not is there an ETA on it? Thanks!

Avatar
0
MooijR

+1 from me for this feature to be integrated as base functionality.

Avatar
0
ian

We are a big user and supporter of Lets Encrypt. We currently renew our certificates manually on VMs and transfer them to the Kemps every 90 days. Supporting creation and auto-renewal of Lets Encrypt would be a huge plus for us.

Avatar
0
Tom O'Connor --Technical Product Manager, Kemp 360 Central Product Owner

Hi all,

My name is Tom O'Connor and I am the Product Owner for the LoadMaster Family of products at Kemp.

Thank you all for your interest in having support for Lets Encrypt in our LoadMaster product.

We are considering this as part of our Product portfolio strategy for 2019 and appreciate that having Let's Encrypt would make all your lives a little easier. 
I will be able to provide more details on an implementation timeline closer to the end of Q3 2019.

Thanks, 
Tom

Avatar
0
Maurice Mcmullin

Hi - This is Maurice from Kemp Product Line Management.

Kemp products currently support the use of Let’s encrypt certificates in our products but do not currently support features such as auto-renewal and revocation. As the underlying Let’s Encrypt ACME protocol for auto-renewal and revocation is now an official standard (https://datatracker.ietf.org/doc/rfc8555/), we will be supporting these features in a future release of Kemp 360 Central, our centralized management platform for ADC resources.

We have taken this approach as Kemp 360 Central is the logical place to manage the certificate lifecycle especially with wildcard certs where the same certificate may be deployed on multiple ADC instances. We are enhancing Kemp 360 Central with ADC configuration management capabilities which include the ability to push certificates & keys to ADC instances. We will support domain validation, certificate issuance, validation and revocation using the ACME protocol with Let's Encrypt being the first Certification Authority to be supported.

We anticipate that this feature will be available in Q4 2019.