I promised the guys here at Techzim that I would be sharing a few things that can help us improve our ecosystem. So I am hopeful that over the course of this year, time permitting, I will be sharing a few tech bites from my experience as a software engineer and entrepreneur.
Many of you have gone through the expensive hassle of forking out $65 to godaddy.com or some other issuing authority just to purchase an SSL certificate. Now a non-profit organization called Let’s Encrypt has begun a beta test for a free and automated certificate issuance platform. The instructions are simply and the whole process takes less than 5 minutes to complete.
So who’s behind this and why are they doing it. First the why, except for the bad guys out there, a more secure internet is a win for everybody and especially for the users of the internet. Unfortunately however, because of the cost and cumbersome process, not every website owner is able to provide a secure connection for the visitors to their site. An organisation called the EFF (no, not that one), short for Electronic Frontier Foundation, partnered with Mozilla, Akamai, Google, Facebook, Cisco and others to create this simple to use and and free SSL certificates so anyone can secure connections to their site.
You can read more about the initiative, how it started and what they are looking to achieve here. And you can head over to their website and try it out. No more excuses for the man-in-the middle/network-spoofing attacks.
8 comments
Thank you Freeman for sharing this invaluable knowledge. The current process is indeed cumbersome. I will be sure check out Let’s Encrypt and your other upcoming articles 🙂
well, yes and no. there isnt such a thing as a free lunch.
the paid for SSL providers will provide you with warranties depending on the type of certificate you buy.
The REAL HASSLE, you have neglected to mention, is that certificates are valid only for 90 days. After which you have to regenerate the certificate. If you are willing to put up with remembering to regenerate your certificate 4 times a year for your site, then GREAT!!. Personally, I’d rather just fork out for my 2 year certificate and forget about it for 2 years whilst I concentrate on more pertinant issues. The second thing you neglected to mention is that letsencrypt works BEST when you have you own server or use VPS solutions, it’s not designed for shared hosting that most developers use.
Hopefully, when the project is out of beta the certificates will have a longer lifespan.
Renewal is trivial if you know how to set up a cron job. As for using VPS, I think people should migrate from that because $25 for a cloud server per month for multiple virtualhosts can be subsidised by the $65 you will pay for the cert
Cronjobs are simple to create, but easy to misconfigure. It is a viable option though, but what happens when an error occurs at the point of execution. Then you need a method of error checking and code to reschedule the cron or notify the developer. A lot of cronjobs make assumptions about network connectivity, disk space and even the correct timezone. Once you consider all these things THEN it stops being simple.
I’m not sure which $25 VPS servers you are using, I’m sure that’s on the low end of memory, assigned processing units and bandwidth quotas. Besides it’s quite presumptive that developers should also be system adminstrators. My core business is development, NOT administration.
I am just saying instead of VPS devs should look for better cloud options at Softlayer, Rackspace or Amazon. Just quoting “My core business is development, NOT administration”, I think it is important that Developers become acquainted with DevOps. I hope my next post will be abt using Chef/Puppet for provisioning and deployment of cloud servers
$65 versus free and checking 4 times a year? I think free rules..Hameno.. Thanks FREEMAN Chari 😉
already using it, works like a charm https://app.vambita.com/crm