Switch From StartSSL/StartCom To Let's Encrypt (Enable HTTPS For Websites)

Last year I was suggesting to use StartSSL/StartCom to get free SSL certificates and easily enable HTTPS for websites. Apparently now Chrome and Firefox have distrusted their certificates and considered my site as a "malicious" site after then. I went online and looked for alternatives and Let's Encrypt is a really great service (free & more freedom). Here I log the process how did I switch to certificates with Let's Encrypt.

In this log/tutorial, I assume websites have already enabled SSL (e.g., using conf.d in httpd as demonstrated in this earlier post) and are using Apache version less than 2.4.8. Also, I'm using Debian 7. Otherwise, try to follow instruction here. Continue reading Switch From StartSSL/StartCom To Let's Encrypt (Enable HTTPS For Websites)

Setting Up SSL Certificate for Website

04/13/2017 Update: StartSSL's certificate is currently distrusted by Chrome and Firefox. So avoid using it! Instead use Let's Encrypt (tutorial here to switch to them).

This is a simple log in case I forget the steps, it may or may not help you. A good thing about StartSSL is now they support up to 5 subdomains under the same root domain for free. This is very nice.

  1. Go to https://startssl.com and "Authenticate" using a stored certificate. If you don't have one, you need to "Sign-Up"
  2. After logging in, first we need to validate domain. Go to "Validations Wizard" and select "Domain Validation (for SSL certificate)." Next enter your root domain, for example, happyz.me. Before going to the next step, if you have set domain privacy, you need to temporarily disable that to quickly get the validation code to your real email address. Procedure afterwards is trivial: enter code for validation and then re-enable domain privacy when validation completes.
  3. Download the zip, in my case happyz.me.zip. If it does not automatically download, goto "Toolbox" and then "Certificate list" to retrieve the zip.
  4. Since my server is using Apache, unzip the "ApacheServer.zip" in the downloaded zip and you will get two files: 1_root_bundle.crt and 2_happyz.me.crt.
  5. Enable SSL for the website by modifying the config file in apache folder. For example:

Continue reading Setting Up SSL Certificate for Website