Free SSL certificates (web dev question)

Mr_Roboto

Doing the jobs nobody wants to
TCG Premium
Feb 4, 2012
25,679
30,591
Nashotah, Wisconsin (AKA not Illinois)
Do you mean a "Self Signed" Certificate?

No, I've done those before just because I've had pieces of infrastructure piss me off (Java fucking hates self signed SSLs, so you make your own rootCA and add it to your systems.)

I've heard good things about Let's Encrypt https://letsencrypt.org/. They have their own roots but are cross-signed by trustworthy CA's. Not all hosts support them yet though.

This is exactly what I was thinking about, and where I was going without naming a product. :) I have a VPS, so I am the one who gets to make decisions to support them or not. I did it without say WHM so it will be a manual installation but it doesn't seem terrible. Just want to be sure there's no surprise implications.

Lets Encrypt is pretty awesome, but I don't know that I would use it for a "production" web site yet. The scripting portion of it is pretty nice that it auto renews, but like stated above they get flagged on some browsers.

What are you using it for? Work or home?

This is for my personal web site and the web site of the ham radio club I am in. Nothing I have to worry about e-commerce people flipping their shit over "it's got a funky padlock instead of the one I'm used to." Also, I am looking for SEO sakes as much as anything Google fucks you if you're not SSL these days.
 

radioguy6

TCG Elite Member
TCG Premium
May 23, 2008
11,912
24,201
Schaumburg
Real Name
Greg
for a personal site, let's encyrpt is fine. Major browsers support it because their roots (even though relatively new) are cross-signed with the bigger trusted CA's as they establish themselves. Its a matter of if your host supports it, I know cpanel has a plugin. For something mission critical, yeah I'd probably stick with a paid SSL, you can shop godaddy certs with a promo code. Yes Google is now ranking based off SSL.
 

sickmint79

I Drink Your Milkshake
Mar 2, 2008
26,909
16,621
grayslake
i was looking into free ones at the time but my host (1and1) appears to have no capacity to use them, and probably no interest as long as they can charge me 25/yr.

i essentially have them for slight SEO bump purposes. not sure if it is worth the effort for a personal site or ham radio club? i don't think the bump is particularly large and what are you trying to rank for? i have it because i host a business site, my car site does have a couple affiliate ads, and my incomm site i want to attract all eyeballs to so that i can tell my story of how that company sucks balls. i'll stop paying for the cert on that one next it comes up though. when the CIO googles his name my results are #1 and #2, bitch
 

Mr_Roboto

Doing the jobs nobody wants to
TCG Premium
Feb 4, 2012
25,679
30,591
Nashotah, Wisconsin (AKA not Illinois)
okay, so I got my first one installed. Not terrible with the ACME Client. I will say there are a few pluses and minuses to these, here they are:

1-You do have to generate a CSR, usual business. "push" IMO.
2-The certificate process doesn't require registration, you just run the client on the server. Really awesome IMO.
3-The caveat is it's a 90 day valid cert.
4-Most people just auto renew using crontab it seems.
5-You're limited to 20 certs a week for a domain. This would be blah.com or mail.blah.com or Z.blah.com. I don't see virtually anyone ever hitting this, and they're doing wildcards in 2018 according to their site.

Overall a pretty damn snazzy deal IMO. I need to do the other domain I run, but I haven't quite gotten there yet. Oh, and I used the tiny-acme client built into CentOS (RHEL) 6. That is probably one of the larger reservations I had, just didn't want to be installing some rando piece of software on my server that was just out there.
 

Mr_Roboto

Doing the jobs nobody wants to
TCG Premium
Feb 4, 2012
25,679
30,591
Nashotah, Wisconsin (AKA not Illinois)
what domain do you run and what do you do with it?

Right now I have two, I am working on Will County Amateur Radio League – official home page which is really in its infancy and I'm working on my personal mess of ramblings and miscellanery Valve Industries – Random engineering and other stuff.

I was actually going to try to keep it on the DL, but hey back linking is good right? Valve Industries is an experiment for me to dabble with things like SEO, social media and have a place for my projects/their related documentation.

At one point in my life I was also the server admin for Turbo Mustangs/The Turbo Forums, but that was a long time back. Tragically a schism within the forum and Facebook killed off a lot of the traffic there. I still am a somewhat infrequent participant, but I hope one day they make a come back.

Besides this I also started out my IT career in web hosting. Although it was far from a perfect experience it gave a lot of skills. I did more the server side stuff than the webmaster stuff though, so I'm just picking that up as I go along.
 
Old Thread: Hello . There have been no replies in this thread for 90 days.
Content in this thread may no longer be relevant. Consider starting a new thread to get fresh replies.

Thread Info