Skip to content

Instantly share code, notes, and snippets.

@kovanchandra

kovanchandra/how-to-implement-https.md

Last active November 5, 2018 06:43
Show Gist options
  • Save kovanchandra/72750fc3f88651c3c17bd209ef9b137d to your computer and use it in GitHub Desktop.
Save kovanchandra/72750fc3f88651c3c17bd209ef9b137d to your computer and use it in GitHub Desktop.
Download ZIP
How to implement HTTPS Website in 10min with Free Certificate?
Raw
how-to-implement-https.md

What is HTTPS?

HTTPS is secure version of HTTP, all transferred data will be encrypted at both client and server sides. And only client who has the valid key can decode the information.

Benefits using HTTPS :

  1. Data exchanged between the user and the website is not read, stolen or tampered with by a third party.
  2. Increasing SEO Ranking
  3. Visitors more confident in using your Website (Secured Sign will Appear on the Browser URL Editor)

Implementation :

Okay now it's time to implement HTTPS on our website. In order to enable HTTPS, we need Digital Certificate which provided by Certificate Authority (CA), then at the end Digital Certificate will be verified by browser before deciding its as Secure Connection.

Generally, we had to pay to get the Digital Certificate, but don't worry, Let's Encrypt (CA) let us get it for free. Let’s Encrypt uses the ACME protocol to verify that you control a given domain name and to issue you a certificate. To get a Let’s Encrypt certificate, you’ll need to choose a piece of ACME client software to use.

The most recommended one is Certbot. In this case we use Nginx as Web Server and Centos 6.5, you can change it depending on your software (Ex. Apache with Ubuntu).

1. Open shell, and Install Certbot

   wget https://dl.eff.org/certbot-auto
   chmod a+x certbot-auto

2. Get Digital Certificate

   $ sudo ./path/to/certbot-auto --nginx

above snippet will get certificate and configure your Nginx automatically, but if failed or you want to configure Nginx by your self, run below snippet.

   $ sudo ./path/to/certbot-auto --nginx certonly

3. Configure your Nginx if you choose certonly

   server {
       listen      80;
       listen      [::]:80;
       server_name kovanchandra.com; 			#change with your own domain
   
       return 301 https://$server_name$request_uri;
   }
   
   server {
   	root /usr/html/wordpress; 				#change with your own root
   	index index.php index.html index.htm;
   	server_name kovanchandra.com;			#change with your own domain
   
   	listen 443 ssl;
   
   	ssl_certificate     /etc/letsencrypt/live/kovanchandra.com/fullchain.pem;	# change to your fullchain.pem path
   	ssl_certificate_key /etc/letsencrypt/live/kovanchandra.com/privkey.pem;		# change to your privkey.pem path
   
   	include /etc/letsencrypt/options-ssl-nginx.conf;
   }

4. Restart your Nginx, then access your Website. Secured Web Sign will be appear on the Browser URL.

5. Last, Let's Encrypt certificates last for 90 days, you must renewal your Certificate, to make it automatically use cron job (scheduler job) to execute this python script.

   ./path/to/certbot-auto renew

Apply it to cron (this will run automatically every noon and midnight everyday) :

   0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew

Enjoy your Secured HTTPS Website.. :)))

Read on my medium @kovanchandra or web : https://medium.com/@kovanchandra/how-to-implement-https-website-in-10mins-with-free-certificate-3a01b2cc3fe or https://kovanchandra.com

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment