Let's Encrypt Free SSL Certificate
Another Big Milestone – Let's Encrypt is now offering Free HTTPS certificates to everyone.Let's Encrypt has opened to the public, allowing anyone to obtain Free SSL/TLS (Secure
Socket Layer/Transport Layer Security) certificates for their web servers and to set up
HTTPS websites in a few simple steps (mentioned below).
Let's Encrypt – an initiative run by the Internet Security Research Group (ISRG) – is a new, free, and open certificate authority recognized by all major browsers, including Google's Chrome, Mozilla's Firefox and Microsoft's Internet Explorer.
The Free SSL Certification Authority is now in public beta after testing a trial among a select group of volunteers.
Why Let's Encrypt?
Let's Encrypt promised to offer a certificate authority (CA) which is:
- Free – no charge for HTTPS certs.
- Automatic – the installation, configuration as well as the renewal of the certificates do not require any administrator action.
- Open – the automatic issuance, as well as renewal procedures, will be published as the open standard.
- Transparent – the records of all certs issuance or revocation will be available publicly.
- Secure – the team is committed to being a model of best practice in their own operations.
- Cooperative – Let's Encrypt is managed by a multi-stakeholder organization and exists to benefit the community, not any of the consortium members.
How to Install Let's Encrypt Free SSL Certificate
First of all, let's say you want to get a certificate for example.com. To run the installation, you must have root access to your example.com web server.
To Generate and Install Let's Encrypt Free SSL Certificate, you must first download and run the Let's Encrypt client application.
To install Let's Encrypt Free SSL certificate follow these Steps:
Step 1: Login to your 'example.com' web server using SSH with root access.
Step 2: To install the Git version control system, type the following command:
apt-get install git
Step 3: Then download and install the latest version of Let's Encrypt Client application, type the following commands:
Step 4: Once the installation starts, press Enter to accept the agreement.git clone https://github.com/letsencrypt/letsencryptcd letsencrypt./letsencrypt-auto
Step 5: Then press Enter to specify the server name manually in the text box (for example,www.example.com) and then press Enter.
Step 6: Next, enter your email address, where you can receive messages from Let's Encrypt and to recover lost keys, and then press Enter.
Step 7: Review the 'Terms of Service,' and then press Enter to generate and install the SSL certificate.
Once the installation completes, you'll receive a 'Congratulation' message.
How to Configure Nginx/Apache for Let's Encrypt SSL Certificate
By default, Nginx or Apache web servers are not configured to how to use your new certificates.
For example, in case of Nginx: To use the installed SSL certificate, you need to edit Nginx configuration file. Type the following command to open Nginx configuration file:
$ sudo nano /etc/nginx/sites-available/www.example.com
Within that file, add the following lines.
http{server{…listen 443 ssl;server_name www.example.com;ssl_certificate /etc/letsencrypt/live/www.example.com/fullchain.pem;ssl_certificate_key /etc/letsencrypt/live/.wwwexample.com/privkey.pem;…}}
Save the file, and just restart your Nginx web server, using the following command:
$ sudo nginx -s reloadThat's it! Check complete documentation here.
Congratulation you have successfully installed SSL certificate for your example.com domain.
Note : How to Renew Let's Encrypt Free SSL Certificate: It is important to note that the beta version of
Let's Encrypt issues certificates that expire after 90 days. So, to renew your SSL certificate, you need
to run the letsencrypt-auto script again after expiration.
Hack The Security
Hack The Security Twitter
0 comments:
Post a Comment