Install free SSL protocol for Website – HTTPS free (VPS)

1. What is SSL?
SSL (Secure Sockets Layer) is a global technology security standard that creates an encrypted link between a web server and a browser. This link ensures that all data exchanged between the web server and the browser is always secure and safe.

2. Do I need to install SSL for my website?

If your website is a website that interacts with users such as allowing users to login, allowing users to submit personal information, sending bank account information..etc or any information from the user’s browser used on the server that thinks this information needs to be kept safe and not stolen. Then you should use SSL for your website, email, ftp..vv.

3. What are the benefits of SSL?
There are many benefits, but I simply install SSL for my website to help better SEO; make users feel confident and secure; and better security.
Also it has special benefits for e-commerce websites. Websites of this type can often create e-store pages for online store owners, each e-store (store) is a sub domain and is shared on a unique IP address . Then, to deploy a security solution for online transactions (when ordering, paying, registering & logging in, …) with SSL, we can use only one Wildcard digital certificate for the name. the main domain of the website and share a single IP address to all sub domains.

——————

Let’s Encrypt is starting to offer SSL/TLS certificates (Secure Socket Layer/Transport Layer Security) is free for web server and HTTPS website settings.

Let’s Encrypt is an initiative run by Internet Security Research Group (ISRG), open certificate authority, free of charge, accepted by all major browsers including Google Chrome, Mozilla Firefox and Microsoft Internet Explorer.

Let’s Encrypt is a certificate authority (CA):

• Free of charge
• Automated – the installation, configuration and certificate renewal process does not require any administrator action.
• Open – automatic release as well as innovation procedure will be posted as an open standard.
• Transparency – a record of all issued and renewed certificates will be made public.
• Security – executive staff with best practice experience.
• Collaboration – Let’s Encrypt is managed by many different organizations and developed in a way that benefits the community, not just for anyone.

FREE SSL CERTIFICATE INSTALLATION GUIDE

Let’s say you want to get a certificate for the site example.com. To proceed with the installation, you must have root access to the example.com web server. You need to download and run the Let’s Encrypt client:

1. Login to the web server via SSH with root access.
2. Install Git via command:

   apt-get install git

3. Download and install the latest version of Let’s Encrypt Client:

   git clone https://github.com/letsencrypt/letsencrypt
   cd letsencrypt
   ./letsencrypt-auto

4. Press Enter to agree to the terms
5. Type the server name in the dialog box ( www.example.com ) then Enter
6. Enter your email address to receive news from Let’s Encrypt, and is the place restore key then Enter
7. Read the “Terms of Service” again and then Enter to generate and install the SSL certificate

You will receive a congratulatory message when the installation is complete.

Nginx/Apache CONFIGURATION

By default, the Nginx or Apache web server is not configured to use the new host certificate. You have to change the configuration file

With Nginx: Open the configuration file:

$ sudo nano /etc/nginx/sites-available/www.example.com

Add the following lines:

http{
server{
…
listen 443 ssl;
server_name www.example.com;
ssl_certificate /etc/letsencrypt/live/www.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.example.com/privkey.pem;
…
}
}

Save the file and restart the web server with the command:

sudo nginx -s reload

You can read the document details here.

Congratulations, you have installed the SSL certificate for the domain example.com

It’s important to keep in mind that the trial version of Let’s Encrypt expires after 90 days. To renew the certificate you need to run the command letsencrypt-auto .