Installing the LetsEncrypt SSL Certificate, and Arranging an Automatic Renewal

Chrome warning
Chrome warning…

Introduction

There are a lot of reasons to use TLS encryption on a website. Some of them are obvious (e.g. the protection of visitors’ safety), and some are related to the subtleties like SEO and user experience. Many analysts recommend switching to HTTPS because the search engine of Google considers HTTPS as one of the ranking signals. Besides that, new versions of browsers, (e.g. Chrome) frighten visitors of non-encrypted websites, marking them as “unsafe”.

Until recently, many webmasters, bloggers and SOHO business owners used to encrypt their resources with free StartSSL and WoSign certificates. Since StartSSL and WoSign certificates were going to be distrusted by Mozilla (https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/) and Google, and there were no other free options to get SSL for a long term, we have chosen a LetsEncrypt (https://letsencrypt.org/getting-started/) option. Since the LetsEncrypt certificate is valid for 90 days only, automation is really needed. A recommended automation tool is EFF’s Certbot (https://certbot.eff.org/). This utility semi-automatically enables HTTPS on your website, deploying Let’s Encrypt certificates.

Hereinafter we share our own experience on initial installation and automation, briefly.

Continue reading “Installing the LetsEncrypt SSL Certificate, and Arranging an Automatic Renewal”