SSL Certificate is mandatory for any transactional services based business website on complying with PCI DSS. It secures the data transmitted from the client to the server. Having SSL/TLS (HTTPS) to your website also helps you to boost ranking in Google Search. Usually, SSL cert costs more than $200; however, if you need a certificate for a non-production environment where data transaction is not critical, you may try FREE SSL by Let’s Encrypt. Let’s Encrypt is an open certificate authority (CA) sponsored by SUCURI, Cisco, Facebook, AKAMAI, Chrome, Automatic, SiteGround, etc. that issue an SSL certificate at no cost. Let’s Encrypt has already issued a close to 200 million SSL certificate to date.
Let’s get it started by using Let’s Encrypt to get SSL cert on the Linux environment for Apache HTTP Server. The below example is based on techpostal.com hosted on DigitalOcean with the Apache HTTP server.
Installing Let’s Encrypt
Login into Linux server Go to the path where you want to install the let’s encrypt Clone the git repository of let’s encrypt
Note: if you don’t have git installed, then you may use yum command to install it.
You will see a new folder “letsencrypt” created in your present working directory
Go to the newly created folder
Execute below command to install its all dependency
This may take a few minutes to install. It will look for ServerName in Apache httpd.conf file and prompt to confirm the name which you would like the activate HTTPS for.
Select the domain name from the list and OK
Enter the email address and OK
Agree on the Terms of Service
It will prompt you to choose if you would like to allow HTTP and HTTPS both or ONLY HTTPS.
Select the one you want and OK
It will take a few seconds and then give you confirmation on successfully enabled SSL cert on your domain.
To validate, access your HTTPS URL, and you should see it’s issued by “Let’s Encrypt Authority.”
You see, the entire process to get SSL cert is very easy. Once you have an SSL certificate enabled for your website, then don’t forget to test the site for SSL/TLS vulnerability and misconfiguration.