Get YOUR Free & Recognized SSL certificate with LetsEncrypt

Get YOUR Free & Recognized SSL certificate with LetsEncrypt

Last months i did a consulting mission which was about putting in place a secured and highly available corporate web site hosting architecture.

Above putting in place the technical parts :

-Master/Slave Web frontends (Virtualmin cluster + DNS health-check and switching homemade Java app…)

-Master/Master replication MySQL servers

-Realtime www files bi-directional synchronization (unison + SSH)

The jobs was also about getting though all the process of buying a SSL WildCare Certificate. The whole process was painful, long and very time consuming (generate the CSR, make the order, getting in touch with the support, the sales, provide many official documents, commercial registry, get signatures… emails validations…)

It took weeks the get the certificate and minutes to install it🙂

A friend remind me about LET’S ENCRYPT project (https://letsencrypt.org/, thanks Yvon), this week i found the time to know more about and try it on my company website (https://www.africasys.com)

Quite frankly the best definition of what it is, is the one on the web site: a free, automated and open Certificate Authority (CA like Verysign, Thawte…)

The project has a lot of sponsors https://letsencrypt.org/sponsors/ among them are some of the Web OTTs  (Over The Top)

Very simple, no email, no credit card, no validation, no documents just commands & cron scheduling🙂

As the classical certificate ordering you provide the target domain except here you don’t provide the company, owner, legals , validity time information. A certificate is generated within seconds and BETTER: INSTALLED directly on the web server which makes it automatically operational.

In my case the certificate duration was 3 months, so its needs to be renewed. The best way is to automatize that by scheduling a CRON job. Here is a good web site to get hands on LESTENCRYPT processes (install, certificate generation, renewal, revocation…)

https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-14-04

Also if like me, your website is using WordPress as engine, you can install Force HTTPS plugin to make the web site transparently and fully HTTPS

https://wordpress.org/plugins/wp-force-https/

Fee free to comment or get in touch with me.

 

Laisser un commentaire

Entrez vos coordonnées ci-dessous ou cliquez sur une icône pour vous connecter:

Logo WordPress.com

Vous commentez à l'aide de votre compte WordPress.com. Déconnexion / Changer )

Image Twitter

Vous commentez à l'aide de votre compte Twitter. Déconnexion / Changer )

Photo Facebook

Vous commentez à l'aide de votre compte Facebook. Déconnexion / Changer )

Photo Google+

Vous commentez à l'aide de votre compte Google+. Déconnexion / Changer )

Connexion à %s