SSL Certificate is mandatory for any transactional services based business website to comply with PCI DSS. It secures the data transmitted from client to server. Having SSL (HTTPS) to your website also helps you to boost ranking in Google.
Usually, SSL cert cost more than $200 however if you need a certificate for a non-production environment where data transaction is not critical you may try FREE SSL by Let’s Encrypt.
Let’s Encrypt has already issued close to one million SSL certificate till date.
Let’s get it started by using Let’s Encrypt to get SSL cert on Linux environment for Apache HTTP Server.
Below example is based on techpostal.com hosted on DigitalOcean with Apache HTTP server.
Installing Let’s Encrypt
- Login into Linux server
- Go to path where you want to install the let’s encrypt
- Clone the git repository of let’s encrypt
Note: if you don’t have git installed then you may use yum command to install it.
yum install git
You will see new folder “letsencrypt” created in your present working directory
drwxr-xr-x. 14 root root 4096 Mar 6 01:00 letsencrypt
- Go to newly created folder
Execute below command to install its all dependency
This may take few minutes to install. It will look for ServerName in Apache httpd.conf file and prompt to confirm the name which you would like the activate HTTPS for.
- Select the domain name from the list and OK
- Enter the email address and OK
- Agree on the Terms of Service
- It will prompt to choose if you would like to allow HTTP and HTTPS both or ONLY HTTPS.
- Easy: Allow HTTP and HTTPS both
- Secure: Allow only HTTPS
- Select the one you want and OK
It will take few seconds and then give you confirmation on successfully enabled SSL cert on your domain.
To validate, access your HTTPS URL and you should see it’s issued by “Let’s Encrypt Authority”
You see the entire process to get SSL cert is very easy. If you are looking for SSL cert in free then you may tryout Let’s Encrypt.
Once you have SSL certificate enabled for your website then don’t forget to have proper monitoring in place so you get notified before it expires.