Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Install Let's Encrypt SSL Certificate and Force It to Use HTTPS

DZone's Guide to

Install Let's Encrypt SSL Certificate and Force It to Use HTTPS

Using SSL should not be an option. This article discusses an available certificate for your site and how to force a server to use HTTPS.

· Performance Zone
Free Resource

Evolve your approach to Application Performance Monitoring by adopting five best practices that are outlined and explored in this e-book, brought to you in partnership with BMC.

SSL is becoming an important part of every website due to the exponential increase of credit-based card use for online repayments and a spike in cracking. If an E-commerce site is not using HTTPS, then users will feel that information exchange is not secure, and they will not trust the website.

SSL is a certificate which installed on site to make the interaction between the server and the user encrypted so that only the server machine and user machine will understand the communication between them.

What is Let’s Encrypt

Let's Encrypt is free SSL license approved by IETF(Internet Engineering Task Force). It is an open license authority. The certificate installs through Let's Encrypt and expires after 90 days which means you need to reissue it before it gets expired. Some hosting providers have started out offering Let's Encrypt. One of the hosting provider Cloudways is providing Let's Encrypt on single click plus they also renew the license automatically. Let's us go through how to install Let's Encrypt on your hosting.

Installing SSL Certificate Using Let’s Encrypt

In case your hosting providers are not providing you root access then you will not be able to set up Let's Encrypt. If you have root access, then follow these steps.

Let us set up Let's Encrypt on your server by cloning it from its official github repo.

git clone https://github.com/letsencrypt/letsencrypt


Once installed, move to its directory by:

cd letsencrypt


Now, let’s install the certificate by running the following command:

./letsencrypt-auto --help


Wait till the certificate is installed on your server. Since, you need to renew the certificate before 90 days. The command for renewal is:

letsencrypt renew --dry-run


It renews all your certificates. If you are running Apache on the most recent Debian OS, there is a single query which will automatically install and renew your certificate. Which is:

letsencrypt --apache


Keeping in mind that Let's Encrypt will create only five certificates for a single domain in a week. So don't make an effort to renew your license every day. Given that, the license is installed only thing remaining is that we force our site to use HTTPS for all of our pages. Now Let us make this.

Force Site to Use HTTPs

Once a certificate is installed on your server, two sites will be running having the same domain. One will be with http,and second will be with https. If we look from the SEO point of view, you will see that 2 different sites having same content are running which is not good for search engine rankings. In order to make it right, we will force our site to use only https for all pages of our domain. For that, follow the following step.

Open your .htaccess file if you have previously created it, or create a new one and paste the following code in it.

# Redirect HTTP to HTTPS
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,]


So now, whenever a user visits your site it will automatically redirect to the HTTPS version of your site.

I hope everything we discussed here is clear and easy to follow. Got any questions? Leave a comment and I’ll get back to you!

Learn tips and best practices for optimizing your capacity management strategy with the Market Guide for Capacity Management, brought to you in partnership with BMC.

Topics:
php ,web hosting ,web security ,security ,https ,htaccess

Opinions expressed by DZone contributors are their own.

The best of DZone straight to your inbox.

SEE AN EXAMPLE
Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.
Subscribe

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}