imgIn the early days of my business, one of the first services that we offered was web development and design, to be quite honest because it was fairly easy to sell at a large profit margin. However, with me being me and having an intense background in system and server administration, we not only designed and developed the websites, we would also provide the hosting and maintenance for those sites.
All well and good except that some of those websites had either e-commerce built into the site or collected sensitive information from their customers or patrons. So it was a must to use SSL certificates to secure the data while in transport from the user’s browser to our servers (I’ll get into securing and encrypting that data at rest some other day). Back when we were doing it, you had to go find a trusted certificate authority that you actually trusted such as Verisign or Norton that usually came out to a few hundred dollars every year, generate your public and private certificates on your server then getting them to work with whichever web server you had. It was a mess. By far the thing that I hated doing the most for web hosting.
That’s why I was so stoked when I found out about a year and a half ago that The Electronic Frontier Foundation (EFF), in an effort to make SSL connections the new default, not only was becoming a certificate authority, they developed a tool called Lets Encrypt that makes it ridiculously simple to enable SSL on your website. All you have to do is go to https://letsencrypt.org, choose your operating system and web server and it will download the appropriate script. Oh yeah, it’s completely free!
Since Let’s Encrypt has came out, I have used it for every web server that I’ve set up whether it needs it or not. It literally on takes about five minutes to setup so why not?