Host without SSL?

Certbot - on your host
Posted on

Since Let’s encrypt stared issueing free certificates in 2016 year, everyone have oportunity to have trusted domain without any costs.

Let’s encrypt is a non-profit certificate authorities (CA) company whose mission is :

To create a more secure and privacy-respecting Web by promoting the widespread adoption of HTTPS

They are others CA which can geve us free certificate but in this article I describe only this one.

Let’s encrypt give us tools to generate free certificates, so why still are so many paid certificates?

  1. Warranty – in my opinion this is a most valuable issue in the case when something goes wrong  at CA’s part.
  2. Support – the process of preparing SSL can be tricky, especially for non technical persons. On paid version, you can always ask for help.
  3. Identity Verification – in free certificate you can’t do nothing, but in my opinion i’ts not a problem.
  4. Even “free certificate” can costs. Yes, it’s not a joke. When you use it on hosting, then you can pay for administration, technical advice, or simply for time spent for your SSL.
  5. Time period – free certificates are mostly prepared for the shortest period of time.

Certbot – manual mode

If your hosting provider have method to send them certificate, you can use this option.

There are many instructions how to get your free certificate in automated way when you have full access to shell command. In our case, we have only one command. 

certbot certonly --manual

On certbot page all instructions say how to install certbot and automate whole processbut you can stop after – install certbot.

After typing our command you must follow the instruction: 

Saving debug log to C:\Certbot\log\letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Please enter in your domain name(s) (comma and/or space separated)  (Enter 'c'
to cancel): example.com

After you prepare file and put them on right place, press enter and enjoy the final effect. 

Waiting for verification...
Cleaning up challenges

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   C:\Certbot\live\example.com\fullchain.pem
   Your key file has been saved at:
   C:\Certbot\live\example.com\privkey.pem
   Your cert will expire on 2020-10-04. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot
   again. To non-interactively renew *all* of your certificates, run
   "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Next part depends of your hosting.

Enjoy

Leave a Reply

Your email address will not be published. Required fields are marked *