Categories
Site Info Technology Web Development

Let’s Encrypt!

Traditionally, getting an SSL certificate isn’t easy or cheap. SSL, or more accurately, SSL’s successor, TLS, is the underlying technology that encrypts web traffic. You’ve seen this as the https scheme on a URL and the padlock in your browser to let you know you’re securely browsing a website.

To set this up for your website, you used to (and still do on some hosts) need a dedicated IP address for the website, a fair amount of money, and jump through of hoops with the certificate authority (CA) issuing the certificate. There was, also, a lot of back and forth needing a certificate signing request (CSR) to send to the CA, then installing the real certificate when it was issued.

Let’s Encrypt aims to change that. The goal is a fully automated process where someone could type in a command on a server, wait a few seconds, and have a certificate issued and installed on their system.

It’s been in development for a while now and I’m proud to say that my employer, Automattic, is a Silver sponsor of the project. Yesterday, the opened for a public beta period. So, of course, I gave it a spin.

This site has had a certificate for some time, but I never pulled the trigger on enabling HTTPS on any of my other domains. I opted to try this on, perhaps, my greatest domain— kraft.beer.

Let’s jump in and get some HTTPS going.

Categories
Site Info

HTTP/2

A very quick aside to note that kraft.im is now running on HTTP/2 as of a week or so ago. I had been on the stable build of Nginx that ships with Ubuntu, which is pretty outdated.

I updated to the Nginx mainline repo and changed one line in my .conf file— spdy to http2.

I’m exploring Server Push, though nothing is implemented at this time.

It definitely feels faster, especially navigating within the site to different pages.

Aside to the aside: Yes, I really did do this via my phone.

And I feel pretty good about my site being among these as the ones having HTTP/2 connections:

Screenshot displaying the active HTTP/2 connections in my browser including my site.
A very tiny fish among some whales.