the itjerk

my adventures with technology

let’s encrypt – free ssl

Let’s Encrypt is “a free, automated, and open certificate authority” from the ISRG (and now apparently the EFF), and a growing list of technology big-names. And in the sounds too good to be true department, they offer not only free ssl certificates, but an easy to use tool that configures your web server, or ACME – automated certificate management environment, in a just a few easy steps. Encrypting web traffic should be utilized not only with sites running e-commerce or email, but whenever the use of passwords is involved.

First step is to install the client via git:

sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt

Then run the config:

cd /opt/letsencrypt
./letsencrypt-auto --apache -d yoursite.com

The client will ask a few questions about the certificate you want to install. Most importantly, remember that you probably need to apply it to your default-ssl.conf. To test your new certificate, use SSLLabs website:

https://www.ssllabs.com/ssltest/analyze.html?d=yoursite.com&latest

The tutorial below even shows you how to add renewal options to cron for set and forget ease. Remember to git pull and stash to keep everything up to date. And most of all, it’s a free service!
On the web:

Let’s Encrypt – Free SSL/TLS Certificates

How To Secure Apache with Let’s Encrypt on Ubuntu 14.04

Advertisements

Comments are closed.

%d bloggers like this: