Thanks for the intro Rich. I think it's important that we make HTTPS as easy as possible with Apache httpd. I don't have a particular architecture in mind, my not being an Apache dev, but I do have a user experience in mind -- the simplest config option possible, without having to fetch/install additional packages. When that option is set, httpd should turn on HTTPS and get and manage certs as necessary without the user needing to know much of anything about it. There can, of course, be other options for more advanced users.
Doing this will obviously require an ACME client. I'm curious to hear what httpd devs think is the best architecture for including the client, storing the necessary data (cert chain, ACME account info), and configuring the feature. If we can come up with a plan that results in making HTTPS with httpd easy, one that the httpd devs are happy with, I can help to make funding available for the work. I'd also appreciate any recommendations for people to do the work. I'll end this email with a link to a great example of seamless integration in the caddy web server: https://www.youtube.com/watch?v=nk4EWHvvZtI Thanks, -- Josh Aas Executive Director Internet Security Research Group Let's Encrypt: A Free, Automated, and Open CA