DEV Community

Alex Aslam
Alex Aslam

Posted on

SSL/TLS Certificates for Devs: Get HTTPS for Free in 5 Minutes with Letโ€™s Encrypt ๐Ÿ”’๐Ÿš€

#webdev #programming #javascript #automation

Itโ€™s 2024. Your app still shows that dreaded "Not Secure" warning ๐Ÿ”ด. Your users panic. Google penalizes you. All because you thought SSL certificates were expensive, complicated, or "later problems."

Good news: Letโ€™s Encrypt gives you free, auto-renewing certsโ€”and setting them up takes less time than your coffee break. Iโ€™ve secured 50+ domains this way. Hereโ€™s the no-nonsense guide.

Why Bother with SSL/TLS?

  • ๐Ÿ”’ Security: Encrypts data between users and your server.
  • ๐Ÿš€ SEO Boost: Google ranks HTTPS sites higher.
  • ๐Ÿ˜Š User Trust: No scary browser warnings.

Step 1: Install Certbot (The Magic Tool)

Run this on your server (Ubuntu example):

sudo apt update  
sudo apt install certbot python3-certbot-nginx  # For Nginx  
# Or for Apache:  
# sudo apt install certbot python3-certbot-apache
Enter fullscreen mode Exit fullscreen mode

(Windows/macOS? Use Docker or Snap.)

Step 2: Get Your Free Certificate

For Nginx/Apache (Automatic Setup): 

sudo certbot --nginx  # Or --apache
Enter fullscreen mode Exit fullscreen mode

โœ… Certbot edits your config and sets up HTTPS automagically.

For Everything Else (Manual DNS Challenge): 

sudo certbot certonly --manual --preferred-challenges dns
Enter fullscreen mode Exit fullscreen mode

๐Ÿ“ Youโ€™ll need to add a temporary DNS TXT record to verify domain ownership.

Step 3: Auto-Renewal (Because Forgetting = Disaster)

Letโ€™s Encrypt certs expire every 90 days. Automate renewals:

sudo crontab -e
Enter fullscreen mode Exit fullscreen mode

Add this line (runs renewal checks twice daily):

0 */12 * * * certbot renew --quiet
Enter fullscreen mode Exit fullscreen mode

Key Pro Tips

  1. Wildcard Certs: Secure all subdomains (*.yourdomain.com) with: 
   certbot certonly --manual --preferred-challenges dns -d '*.yourdomain.com'
Enter fullscreen mode Exit fullscreen mode
  1. Force HTTPS: Add this to Nginx/Apache configs: 
   server {  
     listen 80;  
     server_name yourdomain.com;  
     return 301 https://$host$request_uri;  
   }
Enter fullscreen mode Exit fullscreen mode
  1. Test Your Config: Use SSL Labs for an A+ rating.

When Letโ€™s Encrypt Isnโ€™t Enough

  • Enterprise Needs: EV certificates (green address bar).
  • Wildcard + Auto-Renew: Paid tools like Cloudflare simplify this.

TL;DR:

  1. sudo apt install certbot
  2. sudo certbot --nginx
  3. Enjoy free, auto-renewing HTTPS ๐Ÿ”ฅ

No excuses left. Secure your site today.

Tag that friend still running HTTP. They need this.

Need Help?

Tried Certbot? Share your war stories below! ๐Ÿšจ๐Ÿ’ฌ

Top comments (0)