New blog experience and SSL encryption by default using Let's Encrypt

As some may have noticed I did some changes to this blog recently. First I decided to change the theme of my blog to something more simplistic. After some searching around the web I found a great Wordpress theme named Independent Publisher. I definitively recommend checking out this theme if you are running a Wordpress blog. It’s very reader-focused and also entirely open-source.

Besides that, I opted for enabling SSL for the whole site. Visitors will now automatically be redirected to the secure version of this site. Encryption is done by using free certificates from Let’s Encrypt.

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. Let’s Encrypt is a service provided by the Internet Security Research Group (ISRG).

The key principles behind Let’s Encrypt are:

The Let’s Encrypt project was initiated in 2012 by two Mozilla employees and started public beta back in December 2015. The project aims to make encrypted connections omnipresent. The goal is to significantly lower the complexity of setting up and maintaining encryption of websites. On a Linux web server, execution of only two commands is sufficient to set up HTTPS encryption, acquire and install certificates within 20 to 30 seconds. Certificates issued by Let’s Encrypt are valid for only 90 days. However renewal can easily be automated using a cron job. Folks from Digital Ocean wrote a nice tutorial about how to use and automate Let’s Encrypt on Ubuntu. I recommend checking out Let’s Encrypt by yourself. Let’s Encrypt is removing any excuses for not encrypting Web applications and services.

Comments

comments powered by Disqus