SSL All The Things

If you’re a frequent reader of this blog you might notice that eveything is now going through https.

Thanks to the awesome people at Lets Encrypt I’ve managed to get free SSL Certs for many of my websites.  If it’s free why not encrypt all the things.

Nobody uses telnet anymore when ssh is far more ubiquitous and secure.  Yet the use of unencrypted http is vastly more popular than the secure https version.  Why? Mostly because of cost and complexity with setting up https.

Lets Encrypt is a pretty neat tool.  you run it on the server directly and it will validate the site automatically, generate the keys, install them into apache or nginx and modify the configurations to enable https for those sites.  It’s free and just takes a few seconds to generate and install the certificates.

Now that it’s easy and free to setup SSL Certificates and enable HTTPS, I’m hopeful that it will force other SSL providers to compete and encrypted web traffic will become the norm instead of the exception.