Introduction
A certificate is an electronic file that allows for secure transactions by encrypting the concerned data and identifying the party with whom we are having a transaction/conversation. More concretely, in our case, when you visit a site configured with a certificate, you are sent to the various pages using the HTTPS protocol (a secure HTTP protocol) and your browser can display for you information regarding the identity of the site’s editor thanks to the certificate that they set up in advance.
In short, HTTPS means that:
- data is encrypted
- the website is identified
Enter Let’s Encrypt
Certificated are obtained from a certification authority, and for this there may be associated costs, which will depend on the type of certificate required (there are several levels of guarantees, as in when you are buying insurance). This is where Let’s Encrypt comes in: introduced about a year ago, this certification authority is funded by major players on the web and offers free and easy certificate generation.
Benefits:
Drawbacks:
- no certificate wildcards (such as *.mydomain.fr, that is, which applies to all subdomains at once)
- certificate validity is limited to 90 days (this issue is discussed in this article)
Configuration using alwaysdata
Thanks to the simplicity and quality of the services provided by Let’s Encrypt, we’ve added a great feature to alwaysdata: from now on, all your sites will be able to work using HTTPS, automatically and at no extra cost. Yes, you read that right!
Essentially, for every site address that you configure using the alwaysdata interface, a Let’s Encrypt certificate is generated within a few seconds. And the 3 month renewal? No need to worry, that is also automatically taken care of.
Of course, you may also keep browsing your site using HTTP, but just be aware that HTTPS can also be used by default, so if you wish your site to always be browsed securely, all you have to do is tick a box. Easy, right?
Edit (28÷11÷2016)
The Let’s Encrypt certificates for your web sites addresses are presently being generated and will appear in the next few days under the SSL Certificates > Self-generated certificates section.
The best new feature ever! Thanks AD and Let’s encrypt team & sponsors
:thumbsup: Thanks a bunch :-)
Amazing, you rock!
Excellent news!
I was also wondering if there might be any difficulty transitioning from a previous certificate to one of the certificates you generate automatically. I had one domain (fvsch.com) using a Let’s Encrypt certificate I had generated myself, expiring in January 2017. I went to the “Domains > fvsch.com > Subdomains” admin page to set it to use the automatically generated certificate (expiring in February 2017), it worked, and I removed my old certificate. Am I all set?
(As a side note, I believe something like “Force HTTPS Usage” might be better English for that checkbox label.)
@Fvsch: Yes, you did well. Feel free to contact us if you encounter any issue, and thank you for the feedback!
That’s awesome!! Thanks :))