If you’re reading this then welcome to the new server! Due to my web host taking a huge nose dive, I had to scramble to find new hosting. In doing so I explored SSL solutions and a friend suggested Let’s Encrypt. I liked the experience so much I thought I’d share it.
So my old host (unnamed) just imploded. What started as a nice little company with fast servers and great support, got bought out. The new company did what many big companies tend to do, which is cut costs and lower the quality of the product. They did this by giving us all a “server upgrade” which turned out to be a terrible service. The traffic from my site was crashing the cheap server quite frequently. I would call and get no answer, and emails were answered by outsourced support personnel who were just copying and pasting text into emails to me. 3 years of solid service vanished overnight.
So, I needed to move my site fast, and since I have SSL and all my pages are spidered in Google with SSL, it would be wise to continue using it. I didn’t want to even attempt to ask these support people to export my cert to move it here so I started looking at options. So I looked at LetsEncrypt. Since I moved my site to a nice new Linux server I knew this would be an option for me, and decided to give it a try.
How to Install Free SSL/TLS
So I had my nice little NginX server set up and all I had to do was the following:
1 2 3 4
This installed the per-requisites and the LetsEncrypt app. They have two options for installing the certs, one is a standalone method, and the other is a “webroot” plugin. The standalone method requires you to stop your server, while the webroot option will do it with the server running. I wasn’t too worried about stopping things so I simply ran:
And that created my certs. I wanted to strengthen things up a bit, and I’ll show what I did
Generate Strong Diffie-Hellman Group
To generate a strong Diffie-Hellman group, I ran the following command:
Note the location of the cert, I’ll be adding that to my default config. Here is everything I added to it:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
After that, save the file and restart Nginx:
Is that it? Yes that really is it.
Now I have a nice little green lock there. Not much different than the last cert I had:
Not too bad huh?
I shared this so you can see exactly how easy it is to use LetsEncrypt to set up free SSL certs for your site. The aim of this project is to encrypt everything, which is a fantastic idea.
What do you think? Share it in the comments.