Starting from today Let’s Encrypt service is a public beta 🙂 This mean you can create certificates trusted by most of the browsers right now. So it is a perfect time to create SSL certificates for all your TLS services and get rid of self-signed certificates. Also it will help to switch to the new HTTP/2 protocol.
Only few things i am missing – non-python client without tonn of half-implmented features and some similar s-mime solution. First thing should be easy to implement, its just a matter of time, protocol is open and easy to understand.