{"componentChunkName":"component---src-templates-tag-js","path":"/tags/ssl/","result":{"data":{"site":{"siteMetadata":{"title":"LoginRadius Blog"}},"allMarkdownRemark":{"totalCount":2,"edges":[{"node":{"fields":{"slug":"/engineering/lets-encrypt-with-ssl-certificates/"},"html":"

What is an SSL Certificate?

\n

Let’s start with some working definitions of the HTTP and HTTPS protocols. HTTP is the Internet protocol over which data is sent between a browser and a server when they are communicating. HTTPS is the secure counterpart of HTTP , which encrypts data to ensure private communication.1 An SSL certificate is a data file that is installed on a web server to enable the use of the HTTPS protocol.2

\n

Why SSL Certificates?

\n

The communication privacy that HTTP provides is desirable for obvious reasons: for example, you would not want a website you are purchasing something from to not encrypt your credit card information before sending it to the server, for that would expose it to everyone who needs only a decent understanding of how the internet works to access it. Other benefits of SSL certificates include:

\n\n

Considerations

\n

There are some considerations to be aware of when implementing SSL certificates on your server. There is a cost involved due to he infrastructure that has been put into place by the SSL certificate provider to issue the certificate. Additionally, processing encrypted data takes more server resources. However, there is available hardware that can minimize this impact.3 Considering the additional security and end user trust SSL certificates can bring to your website, there is no doubt that its benefits far outweigh the costs and efforts of its implementation.

\n

A Final Note

\n

You might be aware that version 3.0 of the Secure Sockets Layer protocol was deprecated in 2015 by the IETF because of its vulnerabilities. Other protocols, such as TLS, are more secure and have to be used in replacement of SSL.5 This might lead you to think, how do I replace my SSL certificate with a TLS certificate so I ensure security in my website? The answer is you do not have to. Although the phrases ‘SSL certificate’ or ‘SSL/TLS certificates’ are used, the certificates are not bound to the protocol your server uses. Certificates can be used with either SSL or TLS; what determines what protocol you use is your server configuration.6

\n

References:

\n
    \n
  1. SSL Certificate Products
    2. \n
  2. What is an SSL Certificate?
    3. \n
  3. IETF
    4. \n
  4. SSL vs TLS - What's the Difference?
    5. \n
\n

Note: image labeled for reuse, taken from Google images.

\n","frontmatter":{"date":"January 14, 2019","updated_date":null,"title":"Let's Encrypt with SSL Certificates","tags":["SSL","SSL Certificate","Security"],"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1,"src":"/static/0a5fe6d5d73fe4e13e3e6b415bb2983d/46604/ssl.png","srcSet":"/static/0a5fe6d5d73fe4e13e3e6b415bb2983d/69585/ssl.png 200w,\n/static/0a5fe6d5d73fe4e13e3e6b415bb2983d/497c6/ssl.png 400w,\n/static/0a5fe6d5d73fe4e13e3e6b415bb2983d/46604/ssl.png 500w","sizes":"(max-width: 500px) 100vw, 500px"}}},"author":{"id":"Ruben Gonzalez","github":"rubenprograms","avatar":null}}}},{"node":{"fields":{"slug":"/engineering/get-your-free-ssl-certificate/"},"html":"

These days SSL is a must-have element for websites, but SSL certificates are costly and range from $30 to $500 per year for a single website. Don’t fret! You can get a FREE SSL certificate! Through “Let's Encrypt\", a free, automated, and open certificate authority, you will be able to acquire the necessary certificate to enable SSL on your website. Check out the below steps you can follow to get an SSL certificate for your site today.

\n

To obtain this certificate, you will first need to prove ownership of the domain. There are two requirements that you need to meet in order to generate a certificate from “Let's Encrypt”:

\n

Http-01:
\nYou will need to setup a directory on your web server's root, and the name of this directory should be “.well-know” and with a “acme-validation” directory included within this. Inside these directories, create a file containing the random string that was provided by the ACME server and this file should serve content which is the random string included in the doc.

\n

Sample Structure

\n
/.well-known/acme-validation/<random file name provided by ACME>
\n

Dns-01:

\n

You will need to create a .TXT record on the subdomain _acme-challenge. For instance, if you would like to obtain an SSL for the domain “example.com”, then you will need to setup a subdomain on this domain - _acme-challenge.example.com - and the content of the .TXT record will be a random string provided by the ACME server.

\n

Now that you have everything setup, how do you get your FREE SSL? Below, we will go over the various ways to enable SSL for free on your website:

\n

1. Certbot : certbot is a Linux utility that is simple yet powerful. This tool doesn't share private keys with any servers, and it keeps your private key on the client that is being used to generate the cert.  You can install certbot with the following command on ubuntu:

\n
$ sudo add-apt-repository ppa:certbot/certbot\n$ sudo apt-get update\n$ sudo apt-get install certbot
\n

The certbot site has even more details and information for installing this on other systems.

\n

Once installed, open the DNS Manager (must do!) and call the following command to get the SSL certificate for your domain.

\n
sudo certbot --text --agree-tos --email <YOUR EMAIL ID> -d <YOUR DOMAIN> --manual --preferred-challenges dns --expand --renew-by-default  --manual public-ip-logging-ok certonly
\n

This command will request that you add the .TXT record on the subdomain _acme-challenge. Once this is added, simply press any key to generate the SSL certificate. It will show the locations of the certified file.

\n

2. Online using https://www.sslforfree.com/ : This is also a non-profit site and you can get SSL without any installation; just follow the steps to set up the ACME compliant site structure. They provide an easy step-by-step guide for generating the SSL certificate. Once you work through the guide, you will be able to download a copy of your certificate and include on your webserver.

\n

3. Other ways : There are lots of other ways to get the “Let's Encrypt” SSL. This page contains a list of ACME clients and libraries, so you can choose to work with whichever one that best suits your needs.

\n","frontmatter":{"date":"July 13, 2017","updated_date":null,"title":"Get your FREE SSL Certificate!","tags":["Engineering","SSL"],"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1,"src":"/static/44e96863451de6352d54342c2dd11bf3/bc59e/letsencrypt.png","srcSet":"/static/44e96863451de6352d54342c2dd11bf3/69585/letsencrypt.png 200w,\n/static/44e96863451de6352d54342c2dd11bf3/497c6/letsencrypt.png 400w,\n/static/44e96863451de6352d54342c2dd11bf3/bc59e/letsencrypt.png 512w","sizes":"(max-width: 512px) 100vw, 512px"}}},"author":{"id":"Kundan Singh","github":null,"avatar":null}}}}]}},"pageContext":{"tag":"SSL"}},"staticQueryHashes":["1171199041","1384082988","2100481360","23180105","528864852"]}