How We Generate SSL Certificates for Custom Domains using Let’s Encrypt

ReadMe faced challenges with their SSL setup, primarily due to cost and complexity, as enabling SSL required purchasing certificates and setting up Heroku apps, leading to high expenses and technical hurdles for users. To address these issues, ReadMe explored Let's Encrypt, a free certificate authority that issues short-lived certificates with an API for automatic renewals, encouraging automation and simplifying the process. Testing involved using Certbot on EC2 and employing OpenResty, a dynamic web platform based on NGINX and LuaJIT, to dynamically serve and generate SSL certificates for arbitrary domains. This new system significantly simplifies CNAME DNS setup and is being phased into production, with plans to save thousands of dollars monthly. ReadMe also commits to donating to Let's Encrypt for every certificate generated, encouraging other companies to support the initiative.