# Trellis Adds Let's Encrypt Integration

**URL:** https://discourse.roots.io/t/trellis-adds-lets-encrypt-integration/6273
**Category:** blog
**Created:** 2016-03-22T23:10:08Z
**Posts:** 22

## Post 1 by @swalkinshaw — 2016-03-22T23:10:08Z

Originally published at: [https://roots.io/trellis-adds-lets-encrypt-integration/](https://roots.io/trellis-adds-lets-encrypt-integration/)  
Trellis now comes with automated Let’s Encrypt integration for free SSL certificates and the best HTTPS setup. HTTPS is now more important than ever. Strong encryption through HTTPS creates a safer and more secure web while protecting your site’s users. Google even started using HTTPS as a positive ranking for SEO purposes. Roots believes in…

---

## Post 2 by @kalenjohnson — 2016-03-22T23:11:28Z

I’ve gotten married, had two kids… some of the best days of my life. But up there is when Trellis got free SSL support :tada:

---

## Post 3 by @DavidSchargel — 2016-03-23T04:33:36Z

Amazing…Thank you, Scott!

---

## Post 4 by @darjanpanic — 2016-03-23T07:41:41Z

Amazing! :slight_smile:

Now a question everyone knew it will come… Is it going to work on a multisite and how can we use domain mapping with it? :stuck_out_tongue_winking_eye: (maybe domain mapping puts domain name to json file, let’s encrypt uses json to create certificates?) Sorry about the ramblings of a madman :wink:

---

## Post 5 by @richardwilis — 2016-03-23T10:42:20Z

[Roots.io](http://Roots.io) for president! Thanks for yet another great feature!

---

## Post 6 by @growdigital — 2016-03-23T13:30:40Z

Scott and Phil: YOU ARE AWESOME!

---

## Post 7 by @ben — 2016-03-23T14:28:30Z

See it in action on the Roots Example Project ([GitHub repo](https://github.com/roots/roots-example-project.com)):

[https://roots-example-project.com/](https://roots-example-project.com/)

A+ on the SSL Labs test: [https://www.ssllabs.com/ssltest/analyze.html?d=roots-example-project.com&latest](https://www.ssllabs.com/ssltest/analyze.html?d=roots-example-project.com&latest)

---

## Post 8 by @swalkinshaw — 2016-03-23T14:29:33Z

Trellis adds every `site_hosts` to the certificate. So I assume if you were using domain mapping you’d already have the hosts set in there?

---

## Post 9 by @merchantguru — 2016-03-23T14:42:16Z

The moment we’ve all been waiting for. SSL this easy? Definitely a new era. Roots continues to innovate and move the WP community forward. Thanks so much!

---

## Post 10 by @jankups — 2016-03-23T14:52:55Z

This looks amazing!

Any tips on the right workflow to update my current Trellis ( and Bedrock/Sage ) install? I’m thinking overwriting the files is probably not the way to go. How would i update the /trellis folder with the ‘trellis/master’?

---

## Post 11 by @diggs — 2016-03-23T14:53:06Z

Amazing work guys! We’ve been pushing all our clients to get behind SSLs and this just makes it that much easier!!

---

## Post 12 by @swalkinshaw — 2016-03-23T15:46:24Z

There’s some existing topics on this such as [Best practices to update Trellis](https://discourse.roots.io/t/best-practices-to-update-trellis/5386)

---

## Post 13 by @sewmyheadon — 2016-03-23T16:15:52Z

Was just talking with @merchantguru about how LetsEncrypt was coming to Trellis last night at the WP SEA Developer’s Meetup and _here it is_!

Thanks Scott, Phil and crew for implementing this - it’s amazing and will really help in securing customer and staging sites. Can’t wait to try it out.

---

## Post 14 by @masoninthesis — 2016-03-23T20:58:51Z

So happy this came out today. I was just considering updating the stack of one of my older Wordpress sites this week, then thought “damn then I’ll have to redo the SSL config” which was almost a deal breaker (probably out of laziness).

So with this update, does it require any custom NGINX configuration? Or is it entirely automated from the yml file?

---

## Post 15 by @NusserStudios — 2016-03-23T21:13:22Z

Big up to Scott and Phil, and the rest of the Roots team. You guys kill it. Looking forward to Let’s Encrypt. Thank you from the bottom of my heart.

---

## Post 16 by @Josh_Ellis — 2016-03-23T23:17:39Z

Guys this is ridiculously awesome. Thanks so much!

---

## Post 17 by @swalkinshaw — 2016-03-24T04:00:50Z

It’s all automated as mentioned many times :slightly_smiling:

---

## Post 18 by @masoninthesis — 2016-03-24T04:52:53Z

I just couldn’t believe my ears :slight_smile:

---

## Post 19 by @Twansparant — 2016-03-24T08:42:13Z

This is truly awesome!  
Quick question, if you’re not using Trellis for the actual deployments, could you add the **ssl provider** variable to your **.env** file or is that not gonna work?  
Thanks!!!

---

## Post 20 by @craigpearson — 2016-03-24T10:23:31Z

> We strongly encourage everyone to use letsencrypt and turn SSL on. In the near future we will be making SSL via Let’s Encrypt the default in Trellis.

Does this mean that you’ll be removing the `manual` option and won’t officially support other 3rd party certificates which aren’t self signed or provided by letsencrypt?

---

## Post 21 by @ben — 2016-03-24T12:17:01Z

Nope, `manual` will always be supported

---

## Post 22 by @ben — 2016-03-24T12:49:55Z

If you’re using Trellis for provisioning then you’ll be covered. Your env vars just need to make sure they’re using `https` in the URLs.
