Friday, March 23, 2018

Free HTTPS certificate availability

There's two main reasons why you want HTTPS on your website:

1. You want to provide communications privacy to your visitor, in other words: you don't want anyone to see what your visitor is doing in your site.
2. You want to prove your identity, which is important if you are selling things or handling sensitive data.

What many people don't know is that the main reason certificates are expensive is due to #2: these companies need to do some verification on their own, which costs money.

If you just need HTTPS for a blog, personal website, or a marketing site that is not handling purchases and/or sensitive information, a certificate that protects the communications is more than enough, and a full-blast certificate is overkill.

Enter the https://letsencrypt.org/ initiative.

These nice folks will happily issue you a free certificate that covers #1. That basically covers the lowest tier offered by all certification providers, which sell these for about $10/year.

The only problem is that these are almost not ready for prime time. It involves a minor amount of geekery involved, and it was embraced on the Linux side of the business before it was done for Windows. Still, it is now possible to install a small app on Windows that will happily generate a CSR, send it to Let's Encrypt, fetch a 3-month certificate, install it in the correct IIS website, and setup a task to magically renew it every 3 months. And it's free.

And of course, if you are dealing with Apache in Linux, everything I outlined in the previous paragraph will work for you too.

But wait, there's more! Google just added this capability to Blogger! Their approach is so simple that I actually screwed it up: you click a button, you wait 5 minutes and it's all done. You don't even see the phrase "Let's Encrypt" or "free certificate." It simply does it for you. If you want to see it in action, notice that this blog is using it. As you can see, it is only vouching that the channel is secure, it is not verifying the identity of the organization running this website.

Also noticed I have retired the HTTPS certificates from my products list. It's no point on selling a product that isn't needed, there are plenty of excellent providers that are offering fair prices. Unlike, say, domain names, which I will keep selling for as long as the big names use them as a way to sucker people into upselling them.

3 comments:

  1. Lucky Club Casino Site | Casino site, Login and registration for
    Lucky Club Casino site, login 카지노사이트luckclub and registration for all the UK's biggest online casinos, live dealers, slot games, blackjack, roulette,

    ReplyDelete
  2. These normally require gamers to wager the quantity of the bonus a specified variety of occasions. That can range from 1x all the best way|the means in which} up to as} 40x the bonus quantity. These are only a few examples of popular sidebet options. Typically another sidebets could be related as they pay at varied odds for various combinations of playing cards from the unique deal. Besides variations, we even 온라인카지노 have aspect bets which were added to encourage and attract more gamers to attempt the game. These wagers are normally not advantageous for gamers and serve largely to improve the house’s margins.

    ReplyDelete
  3. Also, note that Bitcoin and Neosurf users receive an extra 20% boost. Of course there is be} - getting the most effective casino sign up bonuses. The casino might give you risk-free playing for the first 24 hours as a buyer. The casino will refund you ALL losses that you just incur throughout your first session. Open 솔카지노 the cashier as traditional and choose the web banking possibility.

    ReplyDelete