Adding SSL Certificate few years ago was a painful and expensive process. This is no longer the case.
Last year Let’s Encrypt Certificate Authority came to life and made SSL certificate available to anybody free of charge. It is sponsored by a number of organizations such as Mozilla Foundation, that want to make the web safer.
Few days ago I logged in to my blog at Starbucks and realized that the transaction took place over an unencrypted connection. I decided it was time to look into adding a free SSL Cert to my blog.
I went to Let’s Encrypt which instructed me to download the certbot client on my server. This step was necessary since I self host my blog on Linode. If you are using Shared Hosting, chances are your host already has a one click Let’s Encrypt integration.
My operating system is Ubuntu 14.04 LTS and it did not have a pre-package certbot. I was offered a script to easily install it, which worked without a hick up. If you are on the latest OS, it might already have an “apt-get” version of certbot available to you.
In my case, after the installation, I ran the script and it automatically picked my blog from the Apache config file and let me confirm it via GUI. After the confirmation certbot automagically created my account and updated my Apache config file.
Let’s Encrypt cert needs to be updated every 3 months. The script instructs you about that after the installation and gives you a one-line to run to renew it. I’ve added the command to my
crontab -e to run every 3 months on my server
0 0 1 */3 * /home/your-user-name/bin/certbot-auto certbot-auto renew --quiet --no-self-upgrade. I did not test it properly, so I’ll update this post in 3 months if it will actually work as expected, but it was a good start 🙂 .
After that I installed Really Simple SSL plugin on my WordPress, and just like that my blog became “secure”.
Last thing I did was update my Google Analytics to expect traffic from
https: instead of
All in all it took me less than an hour. If your site or blog does not yet have SSL Certificate, I would highly recommend giving Let’s Encrypt a try.