Configuring Apache to use SSL: Difference between revisions

Jump to navigation Jump to search
Added clarity that you must open port 443 in order for Certbot to work, not just port 80.
No edit summary
(Added clarity that you must open port 443 in order for Certbot to work, not just port 80.)
Line 16: Line 16:
==Signed certificate== <!--T:9-->
==Signed certificate== <!--T:9-->
Having a certificate signed by a [https://en.wikipedia.org/wiki/Certificate_authority Certificate Authority] (CA) allows visitors to ensure they are accessing the right website, which avoids [https://en.wikipedia.org/wiki/Man-in-the-middle_attack man-in-the-middle-attacks]. Many CAs require a yearly fee, but one which does not is [https://letsencrypt.org/ Let's Encrypt] CA. Certbot is a tool that automatically creates or renews an SSL certificate signed by the Let's Encrypt CA and it automatically configures your web server to use the SSL certificate. The main [https://certbot.eff.org/ Certbot] page tells you everything you need to know to get started quickly. For additional details on Cerbot, see the [https://certbot.eff.org/docs/ Certbot docs].
Having a certificate signed by a [https://en.wikipedia.org/wiki/Certificate_authority Certificate Authority] (CA) allows visitors to ensure they are accessing the right website, which avoids [https://en.wikipedia.org/wiki/Man-in-the-middle_attack man-in-the-middle-attacks]. Many CAs require a yearly fee, but one which does not is [https://letsencrypt.org/ Let's Encrypt] CA. Certbot is a tool that automatically creates or renews an SSL certificate signed by the Let's Encrypt CA and it automatically configures your web server to use the SSL certificate. The main [https://certbot.eff.org/ Certbot] page tells you everything you need to know to get started quickly. For additional details on Cerbot, see the [https://certbot.eff.org/docs/ Certbot docs].
Please note that if you are configuring Certbot via Apache, then you must open port 443 (TCP ingress) in order for Certbot to connect to the site. This is not mentioned in the Certbot documentation.


==Self-signed certificate== <!--T:10-->
==Self-signed certificate== <!--T:10-->
1

edit

Navigation menu