Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Let's Encrypt Is Awesome

DZone's Guide to

Let's Encrypt Is Awesome

Learn how to encrypt all the things and keep your site safe using this freely available, and really great, program for generating SSL certificates.

· Security Zone ·
Free Resource

Mobile is increasingly becoming a part of every consumers’ identity, but the increasing use of this digital channel is escalating the security risks faced by consumers and institutions.

Let's Encrypt is a free way to get an SSL certificate onto your website and until recently I had never tried it. It is very easy and I think it is awesome.

IIS is the web server software that Microsoft includes with Windows 10 and Windows Server. I have it installed on my laptop and it displays the default IIS page.

It is not really a good idea to host websites on your laptop, use a dedicated web server, or host with a hosting company, however, the techniques are the same and it gives me something to write about!

In order to point a domain name at what IIS on my machine was serving up, I did the following:

  • Do a google search for "whats my IP." This will return your public IP. Most residential ISPs use dynamic IPs so it may change over time, (which is another reason not to host a website on your laptop!).
  • Add an A record on a domain with the IP address you have just got.
  • Your public IP most likely points at your router, not your laptop, so enable port forwarding of port 80 and port 443 to the internal IP of your laptop (something like 192.168.0.11, etc.).

Now comes the fun Let's Encrypt stuff!

First, you need a Let's Encrypt client. There are a lot of them out there, mostly for Linux flavors, however, a bit of googling found a windows one. Go to https://github.com/PKISharp/win-acme/releases and download the zip file and unzip it.

Run the executable from the zip file and follow the onscreen prompts.

Press N to create a new certificate.

Then press 1 to bind to the single website found in your IIS setup.

And now, magically, Let's Encrypt knows what you have setup in IIS.

Now, all you need to do is enter an email address, in case a renewal fails, and agree to the Let's Encrypt terms, and you are all set up!

How awesome and easy is that for getting your websites working with an SSL certificate?! If you have IIS configured on a server, give it a try and you can SSL all your things.

Explore the authentication advancements that are designed to secure accounts and payments—without overburdening consumers with a friction-laden experience.

Topics:
security ,ssl certificate ,web application security ,web site security ,let's encrypt

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}