Free HTTPS certificate

3 years ago
Hi all!

Wish to inform about possibility of getting free ceritificate for your store!
Check this out: https://letsencrypt.org

The objective of Let’s Encrypt and the ACME protocol is to make it possible to set up an HTTPS server and have it automatically obtain a browser-trusted certificate, without any human intervention. This is accomplished by running a certificate management agent on the web server.

The key principles behind Let’s Encrypt are:

Free: Anyone who owns a domain name can use Let’s Encrypt to obtain a trusted certificate at zero cost.
Automatic: Software running on a web server can interact with Let’s Encrypt to painlessly obtain a certificate, securely configure it for use, and automatically take care of renewal.
Secure: Let’s Encrypt will serve as a platform for advancing TLS security best practices, both on the CA side and by helping site operators properly secure their servers.
Transparent: All certificates issued or revoked will be publicly recorded and available for anyone to inspect.
Open: The automatic issuance and renewal protocol will be published as an open standard that others can adopt.
Cooperative: Much like the underlying Internet protocols themselves, Let’s Encrypt is a joint effort to benefit the community, beyond the control of any one organization.
3 years ago
Great! Thanks for sharing!
3 years ago
This post might be helpful to users who are looking to use Let's Encrypt (for windows): http://weblog.west-wind.com/posts/2016/Feb/22/Using-Lets-Encrypt-with-IIS-on-Windows
3 years ago
__________________________________________________________________

This will be a great news! Thank you thank you for your generosity.

__________________________________________________________________

http://www.retirebydesign.com/learning_center/newsletters/
3 years ago
Hello,

Please bear in mind that Lets Encrypt would not be a good solution if you use HPKP and CAA on your website/domain.
A determined attacker could replace your cert with another one via LE and post a ransom key using HPKP.  If there is an issue with the keys provided via HPKP, the website would be non functional to the user for an extended period of time.
3 years ago
Don't forget if you run your nopCommerce sites on Azure (Microsoft Cloud) you can setup Let's Encrypt there as well.

With web jobs set to auto renewal every 3 months.

Setup can be a little tricky if you're not familiar with Active Directory and Kudu but worth it if you didn't want to relay your web traffic through CloudFlare to get SSL certificate.

The only thing you need to be aware of is the minimum service plan required for this is Basic (B1) due to SSL bindings but if you have multiple web apps then this shouldn't make a difference really.

Remember SSL does not mean SSL.

EDIT: missed the word minimum, quite key really.
1 year ago
Hi Guys

I thought I'd mention that there is a new problem using Let's Encrypt on Nop 4.0 onwards, When you use let's encrypt through Plesk, it add's a Token folder in the root folder called ".well-known" which is great, but not very helpful as it needs to be in the wwwroot folder, so you will get an error 404 not found when trying to install the cert.

There are a number of ways to resolve this, and we are currently looking at the best solution to resolve the problem, i will post the solution as soon as we have had time to test them.
1 year ago
Hello.
I have create a dummy plugin that is solve this problem.
You can find it in the market for free.

I have add a route that returns in plain text the file that is required from lets encrypt service.
1 year ago
All new A2 Hosting accounts support Let's Encrypt. Please find more information here:

https://www.a2hosting.com/kb/does-a2-hosting-support/do-you-support-lets-encrypt
1 year ago
Hi A2Hosting

Thanks for the comment, we also offer LetEncrypt to our clients, but the issue is not "is it available" the problem is where it is added to the site !!, instead of adding ".WellKnown" in the root as you would do in a normal site, for 4.0 + it needs to go in the wwwrroot instead, so that it can be updated each month, I can't speak for C-Panel or any of the other control panels as we do not use them, for us this was an issue with Plesk.