/ letsencrypt

Now with SSL

Over the last few weeks I have been working on configuring the Let's Encrypt service to install an SSL Certificate.

An SSL Certificate is digital file with a signed cryptographic key which is issued by an trusted certificate authority. When a web site is configured to use an SSL certificate, it will allow for secure connections over https instead of the basic insecure connection provided by http.

Let's Encrypt is one such Certificate Authority, which provide free and secure certificates. This is kinda of a big deal, as in the past SSL certificates were really expensive. Also another point for using Lets Encrypt, is the ease of use and automation of the process to setup the certificate.

So when Let's Encrypt was released, I signed up for the beta. As with most of my endeavors with new software, things just didn't work out as advertised. So I pushed Let's Encrypt and SSL certs to the back burner, until today (6/5/2016) I decided to give it another shot.

Using the Standalone Verification Method I generated the files/crypto keys necessary to utilize SSL on my server. The next step was to configure my web server to make use of those files. As usual at this point the recommended script to configure the server to use SSL did not work for me. So I quickly fired up a google search and looked for examples or similar problems.

I found some really good info on basic SSL configuration here at ServerWorld.info Following the steps found there, I was able to decipher why the install script was not working, and complete the steps by hand. Once the files were in the proper locations, and the web server was configured to make use of them, I restarted the service and to my surprise, it worked! https://independentcomputing.biz was now live and working without a hitch.

There was still one hurdle to jump still, The blogging software I use for the site would revert back to any non https link. This is not what I wanted so again I took to google to find the answers, and I found it in the form of the Redirect permanent / https://independentcomputing.biz/ configuration option in Apache. Once that was set and the server restarted again, things worked as expected!

Web browser address bar

Now you will see a padlock in the address bar of your web browser, this indicates that the connection between my web server and your web browser is secure. There may be some content on my website which does not use https, this is because I have included an URL link which is not secure. (Sometimes this is unavoidable) When you double click on that padlock icon, you will see the certificate details...

Conclusion

The next steps will be to write my own script to automate the whole process, so when the time comes to renew my certificate it is done automatically. The Let's Encrypt service is great! I'm so glad that I got it working, I have been wanting to set up SSL cert since the late 90's. Now that I have one up and running my site I'm completely taken back on how easy it was to set up. Big shout out to the team at Let's Encrypt for making a complicated and a expensive process, free and painless.

![Let's Encrypt Banner](/content/images/2016/06/Screenshot-from-2016-06-06-08-35-18.png)