Software Santa

Stocking Stuffers => Free Resources => Media and Web Site Creation resources => Topic started by: Software Santa on July 08, 2018, 03:02:49 PM

Title: Lets Encrypt is a free, automated, and open SSL Certificate Authority.
Post by: Software Santa on July 08, 2018, 03:02:49 PM
Lets Encrypt is a free, automated, and open SSL Certificate Authority.
(Software Santa uses Lets Encrypt himself - his Hosting Plan at A2 automatically supports This!!!)

SSL Certificates Are More Important Now Than Ever (https://www.a2hosting.com/blog/importance-of-ssl/)
A secure web is here to stay (https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html)


https://www.youtube.com/watch?v=e6DUrH56g14

Quote
Lets Encrypt is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG).

  Getting Started     


To enable HTTPS on your website, you need to get a certificate (a type of file) from a Certificate Authority (CA). Lets Encrypt is a CA. In order to get a certificate for your websites domain from Lets Encrypt, you have to demonstrate control over the domain. With Lets Encrypt, you do this using software that uses the ACME protocol (https://ietf-wg-acme.github.io/acme/), which typically runs on your web host.

To figure out what method will work best for you, you will need to know whether you have shell access (https://en.wikipedia.org/wiki/Shell_account) (also known as SSH access) to your web host. If you manage your website entirely through a control panel like cPanel (https://cpanel.com/), Plesk (https://www.plesk.com/), or WordPress (https://wordpress.org/), theres a good chance you dont have shell access. You can ask your hosting provider to be sure.

With Shell Access
We recommend that most people with shell access use the Certbot (https://certbot.eff.org/) ACME client. It can automate certificate issuance and installation with no downtime. It also has expert modes for people who dont want autoconfiguration. Its easy to use, works on many operating systems, and has great documentation. Visit the Certbot site (https://certbot.eff.org/) to get customized instructions for your operating system and web server.

If Certbot (https://certbot.eff.org/) does not meet your needs, or youd like to try something else, there are many more ACME clients to choose from (https://letsencrypt.org/docs/client-options/).  Once youve chosen ACME client software, see the documentation for that client to proceed.

If youre experimenting with different ACME clients, use our staging environment (https://letsencrypt.org/docs/staging-environment/) to avoid hitting rate limits (https://letsencrypt.org/docs/rate-limits/).



Without Shell Access
The best way to use Lets Encrypt without shell access is by using built-in support from your hosting provider. If your hosting provider offers Lets Encrypt support, they can request a free certificate on your behalf, install it, and keep it up-to-date automatically. For some hosting providers, this is a configuration setting you need to turn on. Other providers automatically request and install certificates for all their customers.

Check our list of hosting providers (https://community.letsencrypt.org/t/web-hosting-who-support-lets-encrypt/6920) to see if yours is on it. If so, follow their documentation to set up your Lets Encrypt certificate.

If your hosting provider does not support Lets Encrypt, you can contact them to request support. We do our best to make it very easy to add Lets Encrypt support, and providers are often happy to hear suggestions from customers!

If your hosting provider doesnt want to integrate Lets Encrypt, but does support uploading custom certificates, you can install Certbot on your own computer and use it in manual mode (https://certbot.eff.org/docs/using.html#manual). In manual mode, you upload a specific file to your website to prove your control. Certbot will then retrieve a certificate that you can upload to your hosting provider. We dont recommend this option because it is time-consuming and you will need to repeat it several times per year as your certificate expires. For most people it is better to request Lets Encrypt support from your hosting provider, or switch providers if they do not plan to implement it.



Getting Help
If you have questions about selecting an ACME client, or about using a particular client, or anything else related to Lets Encrypt, please try our helpful community forums (https://community.letsencrypt.org/).


Here's a section explaining How it Works:  https://letsencrypt.org/how-it-works/ (https://letsencrypt.org/how-it-works/)
 

Get Started Here: https://letsencrypt.org (https://letsencrypt.org)

https://letsencrypt.org/how-it-works/ (https://letsencrypt.org/how-it-works/)