Let’s Encrypt Cookbook

serveimageI am planning a series of blog posts about my experiences moving our library servers and services to Let’s Encrypt for TSL/HTTPS certificates.  Let’s Encrypt is a certificate authority that issues free TSL certificates as part of a widespread campaign to move all web traffic to HTTPS and has a number of sponsors including the Electronic Frontier Foundation, Mozilla, Chrome, Cisco, Facebook, Automatic (the WordPress folks), and the American Library Association.  That’s right, ALA is a sponsor of this important initiative in order to help libraries move to HTTPS.

Let’s Encrypt also provides a set of tools to automate the installation and renewal of certificates.  The free tools and certificates became available in a beta version last November and moved out of beta status in April 2016.  Adoption has been rapid.  According to this article in Wired magazine:

  •  “The 1.8 million certificates Let’s Encrypt has issued to 3.8 million websites make it the third-largest certificate authority in the world”
  • “85 percent of those sites never had HTTPS before”
  • “All sites hosted on WordPress with custom URLs will now be encrypted by default using Let’s Encrypt’s certificates.”

Most libraries have never had HTPPS, and its time for that to change.  I plan to share my recipes for using Let’s Encrypt over the next week or two.  They are in essence “rough drafts” of what will hopefully become more polished How-to Guides that will be published more formally on the Choose Privacy Week website or somewhere else on the ALA website.  Here are the posts I have planned for servers:

In the months to come, I will be tackling the following:

  • Best practices for preparing your website to migrate to HTTPS
  • Trying to install Let’s Encrypt certificates on ILS server
  • Trying to install Let’s Encrypt certificates on several different commercial Web hosting platforms
  • Trying to install Let’s Encrypt certificates on other types of servers (VPN, Squid proxy, mail)

So stay tuned!