FREE SSL CERTIFICATESSecure your Web server with free Let's Encrypt CertificatesGuide to fully automate the process of creating and renewing certificates without the need of installing extra software.Script based copy & paste solution for Linux, FreeBSD and Plesk.Introduction SSL CertificatesIn the past services offered on the Internet mostly was unencrypted and traffic was sent in clear text between server and user.Times has changed now, spying on traffic and hacking is all around. Actually it needs less than a few minutes to have the first bots trying all of their exploit scripts against your IP address. Never think you are not important enough for hackers because in the first step bots operates on IP addresses without knowing who is behind this IP address. Things will be exploited pretty fast. Traffic sniffing exploits usernames, passwords and sensitive data, making follow up attacks very easy and successful. Traffic encryption with SSL certificates, combined with other prevention methods, using modern and state-of-the-art server technologies is a must for all servers providing services like web access. To validate a certificate, they are signed by a Certificate Authority. Browsers like Firefox e.g. includes certificates of commercial authorities to be able to check the validity of the certificate. Without these certificates browsers would give a warning that they cannot identify the certificate of your server. This happens with so named self signed certificates too. A warning like this is unacceptable for people visiting a website or any other service.To operate publicly available services you need certificates signed by a known authority. You can buy them at different companies. Only those ones will let the browser show your URL in green without importing any additional CA root certificate.For web servers accessible from the Internet “Let's Encrypt” Authority offers free, if installed as intended, fully automated, certificates. These certificates are valid for 3 months. Receiving and renewing them can be done script based and fully automated. Free, no paper work and fully automated if professional installed.A lot of Let's Encrypt client software is available making the use of Let's Encrypt certificates very easy and straightforward.Paranoid as I am, I don't want to install extra software on any server just for updating certificates. Every added software package can be a security risk on a publicly available server especially if additional programming languages or interpreters are added. After searching for a great solution a long time, I was able to handle everything only adding a shell script solution and finally wrote this e-book for you.Table of ContentsIntroductionTable of ContentsLegal NotesIntroduction SSL CertificatesFirewall Setup (Optional)Description of firewall ports8Setup of this guide – Our GoalNetwork setup9Our final setup9Prepare your operating systemFreeBSD10Linux10Linux & FreeBSD11Building Run_Certs.shRun_Certs.sh in detail (copy & paste it)13Creating our config file14Creating our domains.txt file14Prepare the web serverPreparing Apache for Run_Certs.sh15Create .well-known in document root15Create hook.shhook.sh for FreeBSD or Linux17hook.sh for Plesk servers18Plesk automation explained:18Create the first certificateConfigure Apache to use certificatesChecking Plesk serversAutomate the process of renewingMore FeaturesAbout The AuthorOther Books By (Author)Link List for this e-bookLet's Encrypt - Project28Dehydrated Project28FreeBSD Project Page28Can I Ask A Favour? Karl M. Joch is founder of CTS GMBH with more than 30 years experience in national and international projects. He worked in over 15 countries.
Author: Karl Joch