Just noticed this and thought it was quite exciting for automated deployments: https://letsencrypt.org In theory one should be able to deploy a charm and have it setup validated SSL/TLS without any of the pain of having to pass certificates via charm options, directories, etc. More information here: https://letsencrypt.org/howitworks/ Rob