Fastly and Let's Encrypt


#1

Hi,

Anyone know if Let’s Encrypt work with Fastly?


www.sslforfree.com

We are starting to create a NAS certificate in order to upload it on Fastly.
I was wondering to know if someone in the community already try to upload Certs from Let’s Encrypt to Fastly with success.

Now the TLS certificate for one domain is cheaper, but made a NAS cert for 100 domains is different story (around 1.700 USD) so we would move to Let’s Encrypt.

Any good/bad story to share?


#2

Not seeing any reply to this. I’m also trying to get Fastly to reverse proxy to my LetsEncrypt secured backend but always getting a sslv3 alert handshake failure. Anyone get around this?


#3

You can use your own certificates, but currently that is at an extra cost. This is because there is still a lot of human effort involved with safely deploying certificates and private keys to our fleet.


#4

Using any cert on your backend should not be a problem. If you are getting errors, please contact support@fastly.com with the exact error, but before you do that, check that your backend supports TLS 1.0 at a minimum, and preferably TLS 1.2.


#5

Found the solution was needing to specify SNI hostname and to specify Cyphersuites as ECDHE-RSA-AES256-GCM-SHA384 under the Advanced TLS options.