Your Ace!

Best way to install https cert for free.

I run my fair share of websites. I have found the best way to install https certs for free is the certbot tool (I use Ubuntu and Apache).

The simplest way to get started is to get your site viewable with no SSL. Make sure you can go to via https (you'll get a cert warning). Follow the link to the above instructions for your OS and Web Server.

Pro tip: make 3 config for your one site (see below sample for Apache2).

  • Port 443 using www; www.yourdomain.com
  • Port 443 no www; yourdomain.com
  • Port 80 which redirect to one of the above.

Either send the www to the non-www or vice versa and point your non https(port 80) to that one as well

Have certbot make a cert for www and the non-www sites. 

 

Note: Also, you can have as many SSL on one IP as you like.

When certbot is running correctly it will auto install a new cert every year.

 

The below sample will force all http traffic to https://anotherdomain1234.com/ and the subdomain (www) https://www.anotherdomain1234.com/ to https://anotherdomain1234.com/

you will want a cert for anotherdomain1234.com and www.anotherdomain1234.com this way the redirection does give a cert error to the user.

Sample Apache2 config before certbot:

<VirtualHost *:80>
    ServerAdmin This email address is being protected from spambots. You need JavaScript enabled to view it.
    ServerName anotherdomain1234.com
    ServerAlias *.anotherdomain1234.com
    DocumentRoot /var/www/anotherdomain1234.com/public_html
    ErrorLog /var/www/anotherdomain1234.com/logs/error.log
    CustomLog /var/www/anotherdomain1234.com/logs/access.log combined
    RewriteEngine On
    Redirect permanent / https://anotherdomain1234.com/
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin This email address is being protected from spambots. You need JavaScript enabled to view it.
    ServerName anotherdomain1234.com
    ServerAlias anotherdomain1234.com
    DocumentRoot /var/www/anotherdomain1234.com/public_html
    ErrorLog /var/www/anotherdomain1234.com/logs/error.log
    CustomLog /var/www/anotherdomain1234.com/logs/access.log combined
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin This email address is being protected from spambots. You need JavaScript enabled to view it.
    ServerName anotherdomain1234.com
    ServerAlias www.anotherdomain1234.com
    DocumentRoot /var/www/www.anotherdomain1234.com/public_html
    ErrorLog /var/www/www.anotherdomain1234.com/logs/error.log
    CustomLog /var/www/www.anotherdomain1234.com/logs/access.log combined
    RewriteEngine On
    Redirect permanent / https://anotherdomain1234.com/
</VirtualHost>