Add Free SSL Certificates For Your Website

Spread the love

Websites with valid SSL certificates ensure that your site is better protected against malicious users. It also hinders malicious users from listening into data flowing from your website visitors to your servers.

You can now install secure SSL certificates for your website for FREE from LetsEncrypt and Cloudflare .  Which one to install depends on whether you have ssh (shell) access to your server or not.

LetsEncrypt

Installing LetsEncrypt certificates is suitable if you have ssh access to your server and if your fairly technically savvy.   To install LetsEncrypt certificates.

You first need to ssh into your server and install CertBot . For an ubuntu server, you can install certbot for apache using the following command

sudo apt-get install python-certbot-apache

If you have a nginx server, you can install it using the following command

sudo apt-get install python-certbot-nginx

Next you have to tell CertBot to generate the SSL certificates for your websites, you can do this  for apache  using the following command

sudo certbot --apache -d example.com -d www.example.com

The above command command will generate the certificates for the root domain example.com and the subdomain www.example.com. The –apache option tells CertBot that we are using a apache webserver, if you are using nginx webserver, you can specify –nginx instead.

LetsEncrypts SSL certificates are valid for 90 days, but CertBot automatically renew them. You can test if the renewal process works by using the following command

certbot renew --dry-run

 

CloudFlare

Installing SSL certificates through CLoudflare can be achieved through a few clicks. You need to create a free account with cloudflare and then point your domain’s nameserver to cloudflare.

Next in the “crypto” section in the cloudflare dashboard of your website, you need to set “Always use HTTPS” to ON, set “Automatic HTTPS  Redirects” to ON and set SSL to “Flexible SSL”. CloudFlare will then provision a SSL certificate within 24 hours and apply it to your site.

 

 

Mixed Content Errors

After you have implemented SSL for your websites, you may see some resources such as scripts or images not load and throw mixed content errors, this is due to your website being served with an SSL certificate by the resources being served using HTTP origins. To fix this, you need to update all the resources to be served from HTTPS origins.