Search form

How to secure your website with SSL for free

    • 03 Apr

    How to secure your website with SSL for free

    By security, SSL Comments

    Problem: Nowadays, in case you haven’t noticed or read the news, the world’s most popular browser - Google Chrome - alerts you if a page is not secure and is asking for your information. In order to resolve this you need to install a TLS/SSL certificate on your website server.

    Solution: There’s actually a free solution called “Let’s Encrypt.”

    Let’s Encrypt is, to use their own description, a “free, automated, and open certificate authority” that allows you to move from the insecure “http” communications between server and client to the “https” secure standard. The goal of Let’s Encrypt is to move the whole Internet from more insecure protocols for better privacy and security. 

    There are plenty of tutorials out there on Let’s Encrypt, and Let’s Encrypt has very good documentation itself. Since we were using Digital Ocean, we used their tutorial for Ubuntu 16.04 here. 

    The process is remarkably simple. You’ll need to install the Let’s Encrypt client (generally Certbot, though for the Ubuntu 16.04 repositories it’s called “letsencrypt”). 

    sudo apt-get update
    sudo apt-get install python-letsencrypt-apache

    Generating the certificate simply requires one line:

    sudo letsencrypt --apache -d mywebsite.com (replace mywebsite.com with your website)

    Let’s Encrypt can also provide a single certificate for multiple domains. If you wanted to do that, you’d simply append the next domain to the previous line with “-d www.mywebsite.com” (note the “www”: make sure that the first domain you give is the top-level domain name, the following ones can be aliases and subdomains). 

    You’ll walk through a short configuration process, and then can confirm your certificate validity. That’s it!

    Oh, there’s one more thing: auto renewal. In order to keep that certificate good, you’ll want to setup auto renewal, likely with a cron job. Edit the root crontab:

    sudo crontab -e

    and include the following line at the end of the file:

    15 1 * * 1 /usr/bin/letsencrypt renew >> /var/log/le-renew.log

    You now have a new cron job that will renew the certificate every Monday at 1:15am. 

    And that’s it. You now have encryption the easy way with Let’s Encrypt!

    If all of that is too complicated or you just want someobody to take care of it for you, depending on your situation it may only take us an hour or $75 to do it for  you.

    Share this post

    Author

    We are a specialist web development agency experienced in all aspects of web design, content management systems like Wordpress and Drupal, e-commerce, hosting, conversions, reporting, SEO, and more. Our services are used across multiple industries and although most our customers are in Oregon, we also serve customers in other states such as California, Colorado, Washington, and Illinois.