0%

Fix Not Secure Warning With Let's Encrypy

Posted on Edited on

Fix Not Secure Warning With Let’s Encrypy

Refs:

Intro

  • SSL: Secure Socket Layer
  • SSL Certificates are Digitals
  • CA: Certificate Authority

SSL Type

  • EV: Extended Validation
    • Hard to get
  • OV: Organizatinoal Validation
    • For Company
  • DV: Domain Validation
    • Easiest, Cheapest
    • Let's Encrypt is free

Step 1 — Install the Let’s Encrypt Client on Ubuntu 16.04

1
2
sudo apt-get update
sudo apt-get install python-letsencrypt-apache

Step 2 — Set Up the SSL Certificate

1
2
3
sudo letsencrypt --apache -d example.com
or
sudo letsencrypt --apache -d example.com -d www.example.com
  • Easy: Allow both HTTP and HTTPS access to these sites
  • Secure: Make all requests redirect to secure HTTPS access

Always choose Secure

certificate files location: /etc/letsencrypt/live

SSL Status: https://www.ssllabs.com/ssltest/analyze.html?d=example.com&latest

Step 3 - See what happen

/etc/apache2/sites-enabled

Step 4 — Renew

ssl expired after 90 days

1
sudo letsencrypt renew

(Optional) Step 5 — Set Up Auto Renewal

sudo crontab -e

1
30 2 * * 1 /usr/bin/letsencrypt renew >> /var/log/le-renew.log

will execute letsencrypt-auto renew every Monday at 2:30 am.

Revoke Certificate

1
sudo letsencrypt revoke --cert-path /etc/letsencrypt/live/example.com/fullchain.pem