let’s encrypt ssl certificate

For years having a ssl certificate on your site was beyond the scope of simple sites, due to the cost of certs. This removes a layer of privacy, and I’ve tried many times, with a variety of methods and tools, to give Gamer-Geek-News the secure green lock, with limited success.

I find DNS settings to be somewhat of a dark art, and my path to a solution when dealing with DNS is purely trial and error, with a dash of searching. So no surprise that an SSL certificate had eluded for so long; that is until Let’s Encrypt was launched 🙂

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).

We give people the digital certificates they need in order to enable HTTPS (SSL/TLS) for websites, for free, in the most user-friendly way we can. We do this because we want to create a more secure and privacy-respecting Web.

The key principles behind Let’s Encrypt are:

• Free: Anyone who owns a domain name can use Let’s Encrypt to obtain a trusted certificate at zero cost.
• Automatic: Software running on a web server can interact with Let’s Encrypt to painlessly obtain a certificate, securely configure it for use, and automatically take care of renewal.
• Secure: Let’s Encrypt will serve as a platform for advancing TLS security best practices, both on the CA side and by helping site operators properly secure their servers.
• Transparent: All certificates issued or revoked will be publicly recorded and available for anyone to inspect.
• Open: The automatic issuance and renewal protocol will be published as an open standard that others can adopt.
• Cooperative: Much like the underlying Internet protocols themselves, Let’s Encrypt is a joint effort to benefit the community, beyond the control of any one organization.

We have a page with more detailed information about how the Let’s Encrypt CA works.

Since I moved my site to Digital Ocean, even though they package in Let’s Encrypt, I have never been able to establish a secure ssl connection… until now 🙂

This awesome detailed guide: https://www.editsoftdigital.com/install-lets-encrypt-on-wordpress-droplet/ by Vivek Tripathi solved all of my problems.

Here’s a brief step by step summary, but please check out the original material at Edits of Digital for more detail.

Steps to install Let’s Encrypt on WordPress

• install Certbot
  • add repository
    • sudo add-apt-repository ppa:certbot/certbot
  • update packages
    •  sudo apt-get update
  • install Certbot
    • sudo apt-get install python-certbot-apache
  • Certbot now ready for use 🙂
• set up SSL certificate
  • obtain certificate that covers yourdomain
    • sudo certbot -d yourdomain.com
      • fill in required details
  • test that your new shiny cert is active
    • https://www.ssllabs.com/ssltest/analyze.html?d=gamer-geek-news.com
      • A rated 🙂

That easy! Any problems check out the well maintained and insightful help boards at https://community.letsencrypt.org/