I Was Wrong...

Server Encryption SSL Security

The Early Days

When I first started building websites in 2010, I assumed that the little lock you would see next to web addresses with the prefix of 'https' was something that only online stores and large companies could afford to use. After a quick google search to satisfy my itch of curiosity, I read how it is used to create a secure connection between a client (web browser) and a server (blog.wredia.com). This secure connection is created (in a simple definition) by encrypting the information being transferred between the client and the server. That was the extent of my google search at the time due to the fact I figured the site would not be capturing any 'private' information. I was wrong.

https - Hyper Text Transfer Protocol Secure

Earlier Days ;)

The purpose of encryption has always been the same...to mask the original message so that only the sender and receiver can communicate. One of the earliest forms of what we can now call 'encryption' can be dated back to almost 1500 B.C. where archiologists have found code or cipher in clay tablets. Masking communication through the process of 'replacing' characters in any given sequence has continued to be a way that two parties can securely communicate. Although this is a very basic definistion of the process, much more complex versions of this method have been developed over the years in the tech field.

How to?

Obtaining a SSL cert for your website is pretty easy. Depending on the service you use for hosting, you may already have the tools to request and provision a cert. cPanel and Plesk have built in tools and plugins you can add to provide this functionality. The biggest disadvantage to using a free service is that the certs are usually set with a short expiry. The main SSL cert service that I use is Let's Encrypt. This service allows you to request and provision SSL certs with a 90 day expiry. Normally, this would seem like a problem but I also use a package on my FreeBSD environment that allows me to automate the reissue process. This package is available for many OSs. I buld my webservers from the ground up and have a cron running every day to check the SSL certs on my box to see if they need renewed. When they need renewed, Certbot does the work and downloads and reprovisions the domain with the new cert.

Profile picture

William Reeves

Content Creator

Not much to know about me. I live in North Platte, Nebraska. I love my church, my family and my tech stuff. I love to film and to teach others how to do it as well. Be sure to check out my Youtube, Instagram and Twitter.

Previous Post