I love the Let's Encrypt integration with the OD server. Setting up SSL for the server is so simple, and I don't even have to worry about renewals as this is taken care of for me.

Now imagine this same functionality for all of your IIS sites.

This is how I envision it could work

• I go to Library > Certificates > Add certificate
• I'm given the option of importing a cert (i.e. the current functionality), or I can chose to use Let's Encrypt
• After picking Let's Encrypt, I'm prompted for a bit of info- domain, email address, verification process (see below), and do I accept the TOS?
• This would then allow OD to create the cert
• Now, I go to my Project's process tab, edit the IIS deployment step, and scroll to the Bindings section. From there, if I bind on HTTPS, I'd be able to pick one of my Let's Encrypt certs from a select list.

That's it- OD will automagically renew the certs for me once they get close to expiring.

Notes on verification process: OD could automatically handle the HTTP challenge, or it could allow users to pick DNS challenge. There's a step in the library that you could take inspiration from: http://library.octopusdeploy.com/step-templates/bc81b8a6-dc56-4769-87b5-650af7a38162/actiontemplate-lets-encrypt-create-ssl-certificate