For a while, I’ve been thinking about encryption domains, like this one. But cost & complications associated with enabling SSL encryption prohibited me to do so…
Today, I’ve realised, Let’s encrypt, new certificate authority, that is completely free, automated and open, makes SSL encryption super easy!
Try it yourself (this if for Ubuntu 14.04 & Apache, for another system configuration check https://certbot.eff.org/):
sudo apt-get install git sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt cd /opt/letsencrypt sudo ./letsencrypt-auto --apache -d DOMAIN1 -d DOMAIN2 # setup weekly cron autorenewal on Monday at 2:30 sudo crontab -e # and paste `30 2 * * 1 /opt/letsencrypt/letsencrypt-auto renew >> /var/log/le-renew.log`
If you wish to redirect all traffic domain through HTTPS, do following:
# enable mod_rewrite engine in apache2 sudo a2enmod rewrite # add to your apache conf file # redirect to HTTPS RewriteEngine on RewriteCond %{HTTPS} off [OR] RewriteCond %{HTTP_HOST} ^YOUR_DOMAIN\.COM* RewriteRule ^(.*)$ https://YOUR_DOMAIN.COM/$1 [L,R=301] # reload apache2 configuration sudo service apache2 reload
VoilĂ !
Inspired by digitalocean.
Thanks to @sheebang for underlining the importance of renewing the certificates!