NAT.

Free SSL is here to stay. 

When I read about the Let's Encrypt free SSL for the first time years ago, I thought the big CAs out there will end it before it becomes a hit. But here we are today about to celebrate the launch of free SSL wildcard certificate. 

The issuing of the wildcard certificates was initially planned to start on January of 2018 but was delayed due to some unexpected stuffs :) 

Below is a quote from Josh Aas, ISRG Executive Director.

We previously communicated that we would launch ACMEv2 and wildcard certificate support on February 27th. ACMEv2 and wildcard support is nearly ready but we will be delaying the full launch in order to give our teams more time to complete testing and quality assurance activities. While we work hard to hit deadlines, we are inclined to prioritize a quality release over hitting a deadline.

The biggest reason for this delay is the recent TLS-SNI deprecation. This unexpectedly pulled most engineering resources away from ACMEv2 and wildcard support for approximately two weeks.

We introduced a public test API endpoint for the ACME v2 protocol and wildcard support on January 4, 2018. Thank you to everyone who has provided feedback on the staging endpoint.

We will provide updates here weekly and encourage client developers to continue to utilize the staging endpoint to prepare for ACMEv2 and wildcard issuance.

Feb 27 Update: There are no known major issues with the ACMEv2/wildcard test endpoint. ACMEv2 and wildcard support quality assurance is continuing. No release date to announce yet.

Getting a Let's Encrypt issued wildcard certificate will really help DevOps all over the world, including me :)