Free SSL certificates by LetsEncrypt

Introduction

The way the web is moving and becoming essential for our daily lives its security is becoming crucial for all of us. Internet uses has grown from 16% to 47% worldwide in just a few years. Products and services like Google, Facebook, YouTube are being accessed more than 13 million times per second.

Every time we connect to the internet we send and receive lots of information which travel within the open network which is easily accessible to everyone. Data shared using HTTP is in plaintext format which anyone can easily read and misuse. The technology used to solve this problem is called Encryption, which encrypts the plaintext data is being shared.

Another challenge on the web is identity, as the web is wide open for everybody, who is sending what and what should they get in response is a major concern for data owners.

SSL (Secure Sockets Layer) is the technology which solves both problems in the Web and to enable and access the same we use HTTPS URLs to access secure content on the web.

SSL

The Secure Sockets Layer (SSL) and Transport Layer Security (TLS) is the most widely deployed security protocol used today. It is essentially a protocol that provides a secure channel between two machines operating over the Internet or an internal network.

HTTPS (HTTP Secure)

As per Wikipedia

HTTP Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP) for secure communication over a computer network and is widely used on the Internet. In HTTPS, the communication protocol is encrypted by Transport Layer Security (TLS), or formerly, its predecessor, Secure Sockets Layer (SSL). The protocol is therefore also often referred to as HTTP over TLS,[3] or HTTP over SSL.

In general, SSL is a secure transport layer in the network, enable us to encrypt the shared information so only the parties involved can understand the same and HTTPS is the communication protocol for web built using SSL to solve Encryption — hiding what being sent from one computer to another, Identification — to make sure the computer you are speaking to is the one you trust.

How Does HTTPS Work?

In general, the two basic process of HTTPS is to build trust on the network and Encrypt everything they share with each other.

Building Trust

Trust is required to verify if the involved party is authorized to receive the information being shared which is done using Certificates we use in HTTPS and also help to proceed further with encryption by agreeing on the Encryption logic.

Sending Certificate

In a browser context when trust is built between server and browser, the server sends a certificate containing the public key of the Encryption logic which browser stores and use to encrypt and decrypt the information being shared.

Encryption

After the certificate is received and installed by the browser, using the same public key the certificate contains it encrypts the data sent to the server and also decrypt the data sent by the server.

The LetsEncrypt Project

Earlier availing these certificate was costly and not being used by everybody so reduce the cost. The LetsEncrypt project has started with a single goal in mind to provide free SSL Certificate to everyone and secure the web for everyone. Companies and Tech giants like Mozilla, Cisco, Chrome, Facebook and etc become the top sponsors of the project.

Get started with LetsEncrypt

To get started with LetEncrypt and you have SSH access to your server, you need to install the CertBot on your server using following steps

1. Got to https://certbot.eff.org
2. Select your HTTP server (Apache, Nginx etc)
3. Select your server OS (Ubuntu, CentOs etc)
4. Follow the documentation

Further steps for (Nginx on Ubuntu 16.04-xenial)

Install Certbot

sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-nginx

Certbot have Nginx plugin to install the certificate using below command

sudo certbot --nginx

This will list all the domain names along with the subdomains you have in your Nginx configuration.

Select one or more domains to enable HTTPS, this will also make the desired changes in your Nginx configuration as well.

Conclusion

We are using web aggressively and it’s our duty to protect it using HTTPS is being forced by major tech companies in order to use their services.

So LetsEncrypt every project we have developed so far and also share this with others too.

Cheers!