HTTPS (also called HTTP over TLS, HTTP over SSL and HTTP Secure) is a protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security or its predecessor, Secure Sockets Layer. The main motivation for HTTPS is authentication of the visited website and protection of the privacy and integrity of the exchanged data.
https is good for SEO too, but if you are going in a old school way, ssl's are way too costly. Wondering how to get it for free?
Let's Encrypt is to the rescue. Let's encrypt is a certificate authority that launched on April 12, 2016 that provides free X.509 certificates for Transport Layer Security (TLS) encryption via an automated process designed to eliminate the current complex process of manual creation, validation, signing, installation, and renewal of certificates for secure websites.
From there about section
The key principles behind Let’s Encrypt are:
Free: Anyone who owns a domain name can use Let’s Encrypt to obtain a trusted certificate at zero cost.
Automatic: Software running on a web server can interact with Let’s Encrypt to painlessly obtain a certificate, securely configure it for use, and automatically take care of renewal.
Secure: Let’s Encrypt will serve as a platform for advancing TLS security best practices, both on the CA side and by helping site operators properly secure their servers.
Transparent: All certificates issued or revoked will be publicly recorded and available for anyone to inspect.
Open: The automatic issuance and renewal protocol will be published as an open standard that others can adopt.
Cooperative: Much like the underlying Internet protocols themselves, Let’s Encrypt is a joint effort to benefit the community, beyond the control of any one organization.
Here is step by step guide to install let's encrypt on Ubuntu Apache server
Step 1. Download and install Let's encrypt client certbot
sudo wget https://dl.eff.org/certbot-auto sudo mv certbot-auto /usr/local/sbin
Step 2. Give execute permission to certbot-auto
sudo chmod a+x /usr/local/sbin/certbot-auto
Step 3. Setup SSL certificate
certbot-auto --apache -d <your_website_name.com> -d <www.your_website_name.com> -d <blog.your_website_name.com>
The above command will install dependencies and you will be presented with step-by-step options to customize your installation.
After installation is finished you will find certificate file generated at
Step 4. Renew certificate after every 3 months
The certificate generated by letsencrypt are only valid for 3 months and you will need to renew it, this process can be automated by running a cronjob every month with this command below
Add to crontab
30 2 * * 1 /usr/local/sbin/certbot-auto renew >> /var/log/le-renew.log
Installing on nginx server follow along this tutorial from digital ocean