After asking for career advice about getting into Cybersecurity at Reddit r/ITCareerQuestions I got ragged on big time for having a website that didn’t use SSL.
I was always kind of lackadaisical about adding SSL because I figured it’s hosted on a Raspberry Pi, who cares? Well, maybe that was not a good attitude to have.
Well, I want to say that adding SSL to your site for FREE is very easy. Let’s Encrypt is an organization that provides SSL certificates for free and is sponsored by groups such as Amazon Web Services and the Electronic Frontier Foundation.
They refer you to the CertBot which will give you detailed step by step instructions provided you know your server distro and version (for Linux services). If you are not familiar with SSH there are many good articles to instruct you on using it in Windows (which most people probably are) but also Linux as well. Both the latest operating systems come with their own SSH command line program.
The steps are pretty much automated. You have the option to auto-renew as well. If you’re running your web server from a Raspberry Pi like I am then you are going to want to remember to open up port 441.
So there you go Redditors. It took me half an hour to figure out.