I’ve been wanting to include SSL with my websites for some time but didn’t want to necessarily go with the generic cert provided by my hosting provider. Many months ago my curiosity was piqued when I was listening to Steve Gibson on his Security Now podcast talking about a new, free Certificate Authority called Let’s Encrypt.
Let’s Encrypt is a consortium of sponsors which is geared towards making SSL available to everybody. The idea seemed simple enough. Install something on your server and let it beacon the mothership while taking some sort of action to prove you have control of the server. Just like magic the cert would be created.
Fast forward to 2016 and I’ve let it slip like so many other good ideas. So imagine my joy when I went to look into it again at the first of the year only to read that my host was planning on supporting it. w00t! Today I got the email that they’re officially part of the LE public beta. Double w00t!
I have to say that my experience was pretty amazing for the most part. I never expected it to be so fast or seamless. I literally generated the cert and was up and running on SSL with my own domain’s certificate in under a minute. I didn’t time it so I can’t be too accurate, but based on watching the PC clock there’s no way it was much longer than 30 secs. In a little over a minute I had two domain’s setup.
I did notice one thing that I can’t explain yet. When I registered my primary domain it seemed to have wigged out the WordPress install somehow. My theme doesn’t look the same. It’s minor, but it’s something I’ll have to clean up. Of course, like an idiot I didn’t run a quick backup before I installed the cert so I don’t have any recourse and have nobody to blame but myself. The only other thing I had to do was make a quick edit to the .htaccess file for each domain to include a rewrite rule to force https instead of allowing http. That’s it. I don’t think it gets much easier than that. And now I have a full-fledged SSL encrypted site.