blog

Secure your website with CertBot

APPSEED

Easy-to-use automatic client that fetches and deploys SSL certificates

Starting with version 63 Chrome officially shows up a nice warning that informs your users that your connection is not secure.It's ok if you serve static content like a blog or just some contact info on your page.


But how about a page that requires credit card information for a commercial order? Or for an account where they need authentication to view their data?


On our old product page — now discontinued — we had no certificate. Luckily there is a simple way to provide authentication and be secure today without investing a lot of money. There is always paid alternative and prices dropped down a lot. Today you can buy single site certificates starting from 2.88 and wildcard certs from 42. Prices per year. Pretty cheap. But when you are a startup and build up just a small MVP or presentation website.

 

Let's encrypt gives you two options:

- Without shell access you can check if your provider is supported

- With shell access we use CertBot


Today we will concentrate on the free, DIY side with CertBotThe best part is that you can choose the way your website or server is already configured. Then you can pick up the OS and you will be redirected to the step by step page. For this example we have Apache running on Ubuntu 17.

Install - On Ubuntu systems CertBot team maintains a PPA.


$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-apache

For Apache you will use the specific parameters to activate the plugin and generate your SSL certificate.


$ sudo certbot — apache

Automatic renewal

This is a recommended step since Let's encrypt certificate expires in 90 days. You can setup a cron job to run each 90 days and get your system backed up for ssl certs. You will have to create a script with this command.


$ sudo certbot renew — dry-run

Automatic renewal via CRON. And then add it yo cronjob to run each 89 days. Just type crontab -e and add this:


0 0 */89 * * crontab renew — dry-run


Pretty simple! If you don't want to waste time and concentrate on more important stuff you can get our SSL service support for only 10$/year. 

Thanks a lot to CertBot team! Source: https://certbot.eff.org/#ubuntutyakkety-apache



Cheers!

 Adi - AppSeed.us 

#automation tools for bad ass developers


#linux      #ssl      #certbot