Generating an SSL certificate with Let's Encrypt.
My first foray into the SSL world was actually just last year. Before then the websites I was working on either didn't need them or already had them covered. Plus we had an in-house IT guy that dealt with those (for some reason it wasn't deamed as being in my job responsibilities). However, the group of websites I was managing last year all had SSL certs and they needed to be renewed. At the time, another company managed the server so I got to learn a little bit about SSL certificates and how they worked. It was around this time that I heard about Let's Encrypt but sadly could not use it as the server didn't support it yet.
Fast forward to now, the websites I'm now managing are fully covered by an SSL certificate using Let's Encrypt. Let's Encrypt is an open source project with the aim of providing free SSL certs and it works great! When I first used it, it had only recently gone full public and it was still a bit difficult to use. I had to use some work arounds to satisfy some permission issues, but after a few hours of frustration I finally got it. Now, (https://certbot.eff.org/) Certbot exists. Certbot is great and it allows you to easily deploy certificates through Let's Encrypt. The setup instructions are right on the website and all I need to do now is run "certbot certonly", go through a bit of setup and that's it. Thankfully I had no permission issues and I hope the next renewal process goes better than it has in the past.
Certificates through Let's Encrypt are valid for a few months. From what I remember, the reason for this is because of how the certificates are signed. But, it's not too much of a hassle to renew every 3 months and hopefully with Certbot that process will be easier. And you can even automate the renewal process if you so choose.
With both Google and Firefox cracking down on non-secure sites and with the creation of Let's Encrypt, there's now little excuse to not secure your whole website. Plus, serving pages over https is actually faster than http.
So take a few minutes and go ahead and secure those websites!