Since Edward Snowden publicly revealed the depths and widths of global internet surveillance, encrypting the web has become a hot issue. One of the best safeguards against hijacking communication transmitted through your website that I have come across is called Let’s Encrypt.
What Is Let’s Encrypt?
Let’s Encrypt offers automated domain validated certificates to any website owner completely for free. These are the certificates that make your website start with
They are often called SSL certificates, although the Secure Sockets Layer protocol is now deprecated and completely superseded by the Transport Layer Security or TLS protocol. This is also the protocol Let’s Encrypt utilizes for issuing certificates.
Let’s Encrypt started issuing certificates in public beta is now sponsored by many of the largest and most well-known online companies, including Google, Facebook, Mozilla, Akamai, or Automattic.
You can read more about the certificate issuance process here.
Just to be clear, Let’s Encrypt does not offer organization validated or extended validation certificates. These are the ones that require notarized documents to be submitted to the certificate authority (CA). The CA then reviewes and double-checks all submitted information and issues a certificate.
Those certificates come with a green browser bar containing the name of the organization which operates the domain. And they are quite pricey…
The $1000 price mark is not unusual for these extended validation certificates.
The benefits of using a security certificate for your domain are obvious:
- you fight back against a big brother style total surveillance of the web
- you make sure that attackers are not able to hijack your site’s sessions
- you make sure that your visitors’ and, more importantly, your customers’ information are transmitted securely
Hosting Providers Implementing Free SSL Certification
Several hosting companies have already implemented the Let’s Encrypt solution.
Here is a list of those hosting providers who are publicly stating so:
I am using Cyon’s services myself. And they made activating the security certificates truly idiot-proof. Look…
A free one-click approach to getting an SSL certificate is the best and most user-friendly way to make web communication more secure. Other hosting providers should and will follow in their tracks.
Implement It Yourself
Of course, you can also request a certificate for your domain yourself. There are automated modules available for Apache and Nginx servers in the master GitHub branch: https://github.com/letsencrypt/letsencrypt.
In case you don’t have access to your server’s root or don’t want to allow access to it, you can use: https://github.com/diafygi/letsencrypt-nosudo.
There’s also this handy list comparing 10 Lets Encrypt clients.
There are several nicely written tutorials regarding the technical aspects of the implementation.
Just Google or read through one of the following write-ups:
- How To Secure Apache with Lets Encrypt on Ubuntu 14.04
- Setup Lets encrypt SSL for your domains – Centos 7
- How I used Lets Encrypt to enable HTTPS on this blog
- Lets Encrypt, on Windows
- Getting the Job Done with Lets Encrypt
- How to automatically obtain an SSL certificate from Lets Encrypt on Symbiosis (manual install)
In conclusion, there’s not much to add but a great and heartfelt thank you. Thank you, Let’s Encrypt people.
All these tools are totally awesome and totally free.
Liked this post?
Subscribe to our newsletter to receive early notification of new posts and deals: