Skip to content

Instantly share code, notes, and snippets.

@d4r1091

d4r1091/moving-to-https-steps.md

Last active February 19, 2021 13:22
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save d4r1091/5e58447680bcfd7c9d42ac575796fe92 to your computer and use it in GitHub Desktop.
Save d4r1091/5e58447680bcfd7c9d42ac575796fe92 to your computer and use it in GitHub Desktop.
Download ZIP
Adding HTTPS to your website with CertBot
Raw
moving-to-https-steps.md

Moving onto HTTPS...

Purpose

Here is a step by step guideline to make your Website a safe 🔒place to surf 🏄🏻‍♀️. A bit of knowledge of the HTTP protocol, command-line and the System your Website is hosted on, is required. Instead of always navigating to the CertBot's website, I thought better having something with clear step-by-step that I can always consult. 🤷🏽‍♂️ Like a quick note 📝.

CertBot

Let's start with CertBot. In few words, gracefully stolen from the about section in their website, CertBot is a free, open source software tool for automatically using Let’s Encrypt certificates on manually-administrated websites to enable HTTPS.

Instructions

  • Make sure you know the Software your website is running:

    Note that the information we get back may be misleading though: on Plesk servers for example, BOTH Apache and NGINX can be used to serve a web page. In this scenario, the above test will return NGINX, even though the site is served by Apache first and only distributed by an NGINX proxy.

  • Go to CertBot instructions setup

  • Select your configuration

  • You'll be shown the options of getting a default or wildcard certificate

From now on is CertBot provides handy instructions to install the certificate.

  • SSH into the server
  • Install CertBot

CentOS6

My website is running CentOS6 under Apache

wget https://dl.eff.org/certbot-auto
sudo mv certbot-auto /usr/local/bin/certbot-auto
sudo chown root /usr/local/bin/certbot-auto
sudo chmod 0755 /usr/local/bin/certbot-auto
  • Run the certificate Installer
sudo /usr/local/bin/certbot-auto --apache

At this point, you'll be driven over the easy CertBot installation. It will detect all the domain and you'll be asked for which you'd like to move to HTTPS (default option = all of them)

  • Setup the automatic renewal via cronjob
echo "0 0,12 * * * root python -c 'import random; import time; time.sleep(random.random() * 3600)' && /usr/local/bin/certbot-auto renew" | sudo tee -a /etc/crontab > /dev/null

That's all folks! 🎉

If you'd like to confirm that everything is working as planned, visit this website and check the robustness of your new, secure, Website.

Credits

Thanks to @Peppe Mannato ❤️ for this new bit of learning.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment