Automatically Provisioning Certificates, Using an Amazon Dash Button

There has been a great deal of debate around the move to HTTPS on the web, although not all of it has been particularly well informed. But, unless you’ve been living under a rock for the last few years, it should be obvious that the web is moving to HTTPS. We have in fact reached a tipping point.

Traditionally, however, security certificates have an associated cost. Making your site secure has cost not just time, but money. So one thing that has driven the move is “Let’s Encrypt,” a free, automated, and open Certificate Authority.

But due to the short 90-day lifetime on their certificates, it turns out that the “automated” bit is sort of important. While there’s a lot advice, it can get pretty hairy especially on some operating systems. So, wouldn’t it be better if you could renew your certificates at the push of a button?

Renewing “Let’s Encrypt” certificates at the push of a button. (📷: Scott Helme)

The Amazon Dash Button was launched over three years ago on April 1st. The initial reaction by a lot of people was that it could well be a joke, John Gruber said at the time that “I’m not sure whether this is genius, or the stupidest thing Amazon has tried yet.”

Either way, since its release, makers have taken the little Internet-connected button into their hearts, and into their homes. Now security researcher Scott Helme has hacked the Dash Button to automatically (re-)issue “Let’s Encrypt” certificates.

Using the Dasher framework, designed to bridge your Amazon Dash buttons to HTTP services, and the acme.sh script that allows you to automatically issue certificates, Helme connected the button up to issue the certificate using a simple PHP script.

“It allows you to issue Let’s Encrypt certs using the DNS challenge instead of a HTTP challenge so I don’t need to host any services externally for this little project. The script simply hooks the Cloudflare API, sets some DNS TXT records and then issues a certificate for me.”

Now you have no excuse not to renew your certificates when you get the nagging emails or text messages from your server management console telling you they’re all about to expire. Just push the button and you’re done.

--

--

--

Scientist, Author, Hacker, Maker, and Journalist.

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Alasdair Allan

Alasdair Allan

Scientist, Author, Hacker, Maker, and Journalist.

More from Medium

Order up! Learn how Concentrix Catalyst is redefining “fast food” with emerging tech

Access to the vehicle’s data sheet via the TRONITY Platform

Find and remove duplicate files in Google Drive, Dropbox, OneDrive, MEGA and Yandex.Disk easily

DeDuplicate — Find and remove duplicate files in the cloud (Google Drive, Dropbox, OneDrive, MEGA, Yandex)

Envelop Encryption