[dba-Tech] SSL certification

Jim Lawrence accessd at shaw.ca
Sat Aug 4 01:14:32 CDT 2018


Hi All:

Things have changed and in the next couple of years all our websites will have to be certified. It is not a choice anymore. That said, it is not difficult or expensive to setup a basic certified site. If we use "Let's Encrypt" register at https://letsencrypt.org/ 

One note, is that port 80 must be used for this certification/registration. If you need to use a different port or have an internal intranet there are only paid options currently available,

Here is one video showing how to starting up by first setting up certification, on your web server, connecting and validating your web site certification and finally, showing how to automate the process of re-certification, which is needed every three months.

https://www.youtube.com/watch?v=Jqif0a3dB7c

The example is shown on a Centos Linux distro (It is a copy of the RHEL (Red Hat Enterprise Linux) server.) but the process is very easy to manage across all operating system.   

Here is a how to setup the same service on a Cloud or on home server using my favourite Linux distro:

https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04 

...and of course an Azure site:

https://www.youtube.com/watch?v=AuMj31MEy5E

I could be wrong but setting up certification on the Azure distro looks like a bear, but still straight forward.

I am sure there is a simple method for accomplishing the same results on Windows desktop/server computers and most web host site will have the registration and certification but it will add extra to you monthly costs.

Aside: I was planning on re-installing "Let's Encrypt" on my main server, this weekend but will have to re-image the box as I have somehow borked the boot partition from a totally unrelated issue done some months ago...ran out of inode space due to drives being too large...35TB total...and not planning ahead....We just need to change the boot partition into a file, instead. One of my Son-in-laws will be coming in this weekend and I will use his expertise. ;-)
 
Jim


More information about the dba-Tech mailing list