Securing your sites.

Today has been an exercise in frustration and joy.

While I was working on all my servers, I noticed that my SSL Certificates had expired. This only seemed to be an issue with the cloud server and all the sites on the web server. It came to my attention when I got a notification from my ownCloud app that the server certificate was expired. So, since I had added a new site to the web server, I thought I had better check it also.

The cloud server went well. I am using Let’s Encrypt (www.letsencrypt.org) to manage all my SSL Certificates, so I simply had to renew the certificate and automate the renewal process.

The issue was with the web server. It was a simple process of running Certbot again as superuser and making the certificate expand to cover all sites. I also forced all HTTP requests to move over to HTTPS. Now that I have that set up, I just needed to run the command `certbot renew`. This should test a renewal of all the certificates and create a cron job so that they will auto-renew. It seems to have solved the issue for now, as all the sites are secured. I will have to check again in 90 days to verify that they auto-renew, but that shouldn’t be an issue.
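A way to check expiry on a schedule rather than waiting 90 days, as an added example that is not part of the original post. It assumes a 30-day warning threshold, and the sample dates are constructed; `check_host` takes whatever site names you host.

```python
import socket
import ssl
import time

WARN_DAYS = 30  # assumption: a 90-day certificate should be renewed before this


def days_left(not_after, now=None):
    """Whole days until a notAfter string (getpeercert() format) passes."""
    now = time.time() if now is None else now
    return int((ssl.cert_time_to_seconds(not_after) - now) // 86400)


def classify(not_after, now=None, warn_days=WARN_DAYS):
    """Return 'expired', 'renewal-overdue' or 'ok' for a notAfter string."""
    remaining = days_left(not_after, now)
    if remaining < 0:
        return "expired"
    if remaining < warn_days:
        return "renewal-overdue"
    return "ok"


def check_host(host, port=443, timeout=5.0):
    """Fetch the certificate a site is serving right now and classify it."""
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return classify(tls.getpeercert()["notAfter"])
    except ssl.SSLCertVerificationError as exc:
        # An expired or wrong-name certificate fails the handshake itself.
        return "invalid: " + str(exc.verify_message)
    except OSError as exc:
        return "unreachable: " + str(exc)


if __name__ == "__main__":
    # Constructed sample dates so the script runs offline.
    now = ssl.cert_time_to_seconds("Jun  1 00:00:00 2024 GMT")
    for not_after in ("Aug 30 00:00:00 2024 GMT",
                      "Jun 15 00:00:00 2024 GMT",
                      "May 31 23:59:59 2024 GMT"):
        print(not_after, "->", classify(not_after, now))
```

Calling `check_host` for each hosted site from a daily cron job flags a renewal that silently stopped working while the old certificate is still valid.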

There are some significant advantages to using SSL Certificates, as they help secure your site from hackers sitting “in the middle” catching data being passed back and forth between your site and the client machine. This data includes, but is not limited to, usernames, passwords, and any information you put into a form, such as credit card or banking info or email addresses: things you generally wouldn’t want to get out.

Now that I have this up and running successfully, it is simple to add another domain to the list. So as I get clients, it will become standard practice to automatically add them to the certificate. This just enhances the services I offer. If you host on our servers, SSL Certificates will be an included value-add for any site. And since I am using Let’s Encrypt, the service is not costing us anything.
