Client a *fecking nightmare* to use.
Tried to install it on an Ubuntu 10.04 LTS server. Not a chance.
You clone from github which runs a Python program which is really a Docker-container (? I could be wrong here) which downloads its own set of dependencies which don't always work. Then you are told to do --help... you do that and the syntax in there is wrong and/or massively incomplete (unless you have a fully working Apache setup on the same machine - why would you sign certs on the web server itself?). Only in the wiki does it mention plainly that -d selects the domain.
The Apache setup didn't work for me on 10.04 or 12.04 LTS with default Apache (couldn't even find the default site). The standalone setup requires you to kill apache and/or otherwise have port 443 open. The manual setup involves copy/pasting a convoluted bit of key into a horribly convoluted named file publicly accessible on the website (much more than, say, a a google file verification or even a TXT record verification). Then if you get all that and battle through the junk, it produces only a test cert that you can't use yet or - if you sign up for their beta and are approved - might work.
It took me a LONG time to get a single cert out of the system and only worked by doing so manually (and then having to manually edit the Apache setups, etc. to use the key). I know free SSL certs are great and everything, but the amount of hassle is unbelievable given that it's supposed to have a one-click client.
They REALLY need to make a much simpler client to create these things, that doesn't try to BY DEFAULT mess up your Apache config to shove the keys in. Let's not even get into what will happen when you need to auto-renew etc. At this point, my old OpenSSL cert generation scripts and an upload to an SSL signer over the web are infinitely simpler.
Biting the hand that feeds IT
