0% found this document useful (0 votes)

160 views79 pages

HTTP Vs Https

This document provides a guide to switching a website from HTTP to HTTPS. It begins with an overview of HTTP, HTTPS, HTTP/2, SSL and TLS, explaining the differences and relationships between these protocols. It then discusses what HTTPS provides in terms of confidentiality, integrity and authentication. The document goes on to provide a basic explanation of cryptography concepts like encryption, decryption, symmetric and asymmetric encryption methods. It aims to explain the individual components and steps involved in setting up HTTPS.

Uploaded by

fff

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

160 views79 pages

HTTP Vs Https

Uploaded by

fff

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 79

The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

You know, we use ad-blockers as well. We gotta

keep those servers running though. Did you know that
we publish useful books and run friendly conferences
— crafted for pros like yourself? E.g. our upcoming
SmashingConf Barcelona, dedicated to smart
front-end techniques and design patterns.

�e Complete Guide To Switching From

HTTP To HTTPS
By Vladislav Denishev

June 12th, 2017

Coding, HTTPS, Security with 33 Comments

HTTPS is a must for every website nowadays: Users are looking

for the padlock when providing their details; Chrome and Firefox
explicitly mark websites that[1]provide
1 forms on pages without
[2]2
HTTPS as being non-secure; it is an SEO [3] ranking
3 factor; and it
has a serious impact on privacy in general. Additionally, there 4
is
now more than one option to get an HTTPS certiﬁcate for free , so
switching to HTTPS is only a ma�er of will.

Setting up HTTPS can be a bit intimidating for the inexperienced user — it takes

1 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

many steps with different parties, it requires specific knowledge of encryption and
server configuration, and it sounds complicated in general.

In this guide, I will explain the individual components and steps and will clearly
cover the individual stages of the setup. Your experience should be easy,
especially if your hosting provider also supplies HTTPS certiﬁcates — chances are
you will be able to perform everything from your control panel quickly and easily.

I have included detailed instructions for owners of shared hosting plans on cPanel,
administrators of Apache HTTP servers and of Nginx on Linux and Unix, as well as
Internet Information Server on Windows.

Let’s start with the basics.

HTTP Vs. HTTPS Vs. HTTP/2 Vs. SSL Vs. TLS: What’s
What?
A lot of acronyms are used to describe the processes of communication between
a client and a server. These are often mixed up by people who are not familiar
with the internals.

The Hypertext Transfer Protocol (HTTP) is the basic communication protocol that
both clients and servers must implement in order to be able to communicate. It
covers things such as requests and responses, sessions, caching, authentication
and more. Work on the protocol, as well as on the Hypertext Markup Language
(HTML), started in 1989 by Sir Tim Berners-Lee and his team at CERN. The ﬁrst
oﬃcial version of the protocol (HTTP 1.0) was released in 1996, shortly followed by
the currently widely adopted version (HTTP 1.1) in 1997.

The protocol transfers information between the browser and the server in clear
text, allowing the network, through which the information passes, to see the

2 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

information transmitted. This is a security concern, so HTTP Secure (HTTPS) was

introduced, allowing the client and the server to ﬁrst establish an encrypted
communication channel, and then pass the clear text HTTP messages through it,
eﬀectively protecting them from eavesdropping.

The encrypted channel is created using the Transport Layer Security (TLS)
protocol, previously called Secure Socket Layer (SSL). The terms SSL and TLS are
often used interchangeably, with SSL 3.0 being replaced by TLS 1.0. SSL was a
Netscape-developed protocol, while TLS is an IETF standard. At the time of
writing, all versions of SSL (1.0, 2.0, 3.0) are deprecated due to various security
problems and will produce warnings in current browsers, and the TLS versions
(1.0, 1.1, 1.2) are in use, with 1.3 currently a draft.

So, sometime around 1996 and 1997, we got the current stable version of the
Internet (HTTP 1.1, with or without SSL and TLS), which still powers the majority of
websites today. Previously, HTTP was used for non-sensitive traﬃc (for example,
reading the news), and HTTPS was used for sensitive traﬃc (for example,
authentication and e-commerce); however, increased focus on privacy means that
web browsers such as Google Chrome now mark HTTP websites as “not private”
and will introduce warnings for HTTP in future.

The next upgrade of the HTTP protocol — HTTP/2 — which is being adopted by a
growing number of websites, adds new features (compression, multiplexing,
prioritization) in order to reduce latency and increase performance and security.

In HTTP version 1.1, the secure connection is optional (you may have HTTP and/or
HTTPS independent of each other), while in HTTP/2 it is practically mandatory —
even though the standard deﬁnes HTTP/2 with or without TLS, most browser
vendors have stated that they will only implement support for HTTP/2 over TLS.

What Does HTTPS Provide?

3 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

Why bother with HTTPS in the ﬁrst place? It is used for three main reasons:

Conﬁdentiality
This protects the communication between two parties from others within a
public medium such as the Internet. For example, without HTTPS, someone
running a Wi-Fi access point could see private information such as credit
cards when someone using the access point purchases something online.

Integrity
This makes sure information reaches its destined party in full and unaltered.
For example, our Wi-Fi friend could add extra advertisements to our
website, reduce the quality of our images to save bandwidth or change the
content of articles we read. HTTPS ensures that the website can’t be
modiﬁed.

Authentication
This ensures that the website is actually what it claims to be. For example,
that same person running the Wi-Fi access point could send browsers to a
fake website. HTTPS ensures that a website that says it’s example.com is
actually example.com . Some certiﬁcates even check the legal identity
behind that website, so that you know yourbank.com is YourBank, Inc.

Cryptography In A Nutshell
Conﬁdentiality, integrity and authentication aren’t HTTPS-speciﬁc: They’re the core
concepts of cryptography. Let’s look a little more closely at them.

CONFIDENTIALITY

Conﬁdentiality is privacy — that is, it protects information from being read by an

unauthorized third party. The process usually involves turning a readable (i.e.

4 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

audible and visible) form of the information, called plaintext, into a scrambled,
unreadable version, called ciphertext. This process is called encryption. The
reverse process — turning the unreadable ciphertext back into readable plaintext
— is called decryption. There are many methods — cipher functions (or
algorithms) — to encrypt and decrypt information.

In order for two parties to be able to communicate, they should agree on two
things:

. which algorithm (cipher function) they will use in their communication;

. which parameters, password or rules (i.e. secret) will be used with the
method selected.

There are two main types of encryption methods:

symmetric
Both parties share a common secret key.

asymmetric
One of the parties has a pair of a secret and a public key, the foundation of
public key infrastructure (PKI).

The symmetric class of methods relies on both parties having a shared secret,
which the sender uses to encrypt the information, which in turn the receiver
decrypts using the same method and key (see the ﬁgure below). The problem with
these methods is how both parties will negotiate (i.e. exchange) the secret without
physically meeting each other — they need to have a secure communication
channel of some sort.

5 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

6
Symmetric encryption (View large version )

The asymmetric methods come to solve this kind of problem — they are based on
the notion of public and private keys. The plaintext is encrypted using one of the
keys and can only be decrypted using the other complementary key.

So, how does it work? Let’s assume we have two parties who are willing to
communicate with each other securely — Alice and Bob (these are always the
names of the ﬁctional characters in every tutorial, security manual and the like, so
we’ll honor the tradition here as well). Both of them have a pair of keys: a private
key and a public one. Private keys are known only to their respective owner;
public keys are available to anyone.

If Alice wants to send a message to Bob, she would obtain his public key, encrypt
the plaintext and send him the ciphertext. He would then use his own private key
to decrypt it.

If Bob would like to send a reply to Alice, he would obtain her public key, encrypt
the plaintext and send her the ciphertext. She would then use her own private key
to decrypt it.

6 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

8
Asymmetric encryption (View large version )

When do we use symmetric and when do we use asymmetric encryption?

Asymmetric encryption is used to exchange the secret between the client and
the server. In real life, we usually do not need two-way asymmetric communication
— it is suﬃcient if one of the parties (we’ll just call it a server, for the sake of
simplicity) has the set of keys, so it can receive an encrypted message. It really
protects the security of information in only one direction — from the client to the
server, because the information encrypted with the public key can only be
decrypted using the private key; hence, only the server can decrypt it. The other
direction is not protected — information encrypted with the server’s private key
can be decrypted with its public key by anyone. The other party (we’ll similarly call
it a client) begins the communication by encrypting a randomly generated session
secret with the server’s public key, then sends the ciphertext back to the server,
which, in turn, decrypts it using its own private key, now having the secret.

Symmetric encryption is then used to protect the actual data in transit, since it’s
much faster than asymmetric encryption. The two parties (the client and the
server), with the previously exchanged secret, are the only ones able to encrypt
and decrypt the information.

That’s why the ﬁrst asymmetric part of the handshake is also known (and referred

7 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

to) as key exchange and why the actual encrypted communication uses
algorithms known (and referred to) as cipher methods.

INTEGRITY

Another concern, solved with HTTPS, is data integrity: (1) whether the entire
information arrived successfully, and (2) whether it was modiﬁed by someone in
transit. In order to ensure the information is transmitted successfully, message
digest algorithms are used. Computing message authentication codes (MACs)
for each message exchanged are a cryptographic hashing process. For example,
obtaining a MAC (sometimes called a tag) uses a method that ensures that it is
practically impossible (the term commonly used is infeasible) to:

change the message without aﬀecting the tag,

generate the same tag from two diﬀerent messages,

reverse the process and obtain the original message from the tag.

A U T H E N T I C AT I O N

What about authentication? The problem with the real-life application of the
public key infrastructure is that both parties have no way of knowing who the
other party really is — they are physically separate. In order to prove the identity of
the other party, a mutually trusted third party — a certificate authority (CA) — is
involved. A CA issues a certificate, stating that the domain name example.com (a
unique identifier), is associated with the public key XXX . In some cases (with EV
and OV certificates — see below), the CA will also check that a particular company
controls that domain. This information is guaranteed by (i.e. certified by) the
certificate authority X, and this guarantee is valid no earlier than (i.e. begins on)
date Y and no later than (i.e. expires on) date Z. All of this information goes into a
single document, called an HTTPS certificate. To present an easily
understandable analogy, it is like a country government (a third party trusted by

8 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

all) issuing an ID or a passport (a certiﬁcate) to a person — every party that trusts

the government would also accept the identity of the ID holder (assuming the ID is
not fake, of course, but that’s outside the scope of this example).

Certiﬁcation authorities (CAs) are organizations trusted to sign certiﬁcates.

Operating systems, such as Windows, macOS, iOS and Android, as well as the
Firefox browser, have a list of trusted certiﬁcates.

You can check which CAs are trusted by your browser:

Firefox
“Options” → “Advanced” → “Certiﬁcates” → “View Certiﬁcates” → “Authorities”

Windows
“Control Panel” → “Internet Options” → “Content” — “Certificates” → “Trusted
Root Certification Authorities / Intermediate Certification Authorities”

Mac
“Applications” → “Utilities” → “Keychain Access.” Under “Category,” pick
Certiﬁcates”

All certiﬁcates are then checked and trusted — by the operating system or
browser if directly trusted or by a trusted entity if veriﬁed. This mechanism of
transitive trust is known as a chain of trust:

9 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

10
Chain of trust (View large version )

You can add other unlisted CAs, which is useful when working with self-signed
certiﬁcates (which we’ll discuss later).

In most common situations, only the server needs to be known to the client — for
example, an e-commerce website to its customers — so, only the website needs a
certiﬁcate. In other situations, such as e-government systems, both the server and
the client, requesting a service, should have their identity proven. This means that
both parties should be using certiﬁcates to authenticate to the other party. This
setup is also outside the scope of this article.

Types Of HTTPS Certiﬁcates

There are several types of HTTPS certiﬁcates. They can be categorized according
to the following criteria.

1 . I D E N T I T Y V A L I D AT I O N

. Domain validated (DV)

10 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

The most common type of certificate, a DV certificate verifies that the

domain matches a particular public key. The browser establishes a secure
connection with the server and displays the closed padlock sign. Clicking
the sign will show “This website does not supply ownership information.”
There are no special requirements other than having a domain — a DV
certificate simply ensures that this is the correct public key for that domain.
The browser does not show a legal entity. DV certificates are1511
often cheap
(10 USD per year) or free — see the sections on Let’s Encrypt
1612
and
Cloudflare below.

. Extended validation (EV)

EV certiﬁcates verify the legal organization behind a website. This is the
most trustworthy type of certiﬁcate, which is obtained after a CA checks the
legal entity that controls the domain. The legal entity is checked with a
combination of:

control of the domain (such as a DV certiﬁcate);

government business records, to make sure the company is

registered and active;

independent business directories, such as Dunn and Bradstreet,

Salesforce’s connect.data.com, Yellow Pages, etc.;

a veriﬁcation phone call;

inspection of all domain names in the certiﬁcate (wildcards are

explicitly forbidden for EV certiﬁcates).

As well as the closed padlock sign, EV HTTPS certiﬁcates display the

name of the validated legal entity — typically a registered company —
before the URL. Some devices, such as iOS Safari, will only show the
validated legal entity, ignoring the URL completely. Clicking the sign
will show details about the organization, such as the name and street

11 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

address. The cost is between 150 and 300 USD per year.

. Organization validated (OV)

Like EV, OV certificates verify the legal organization behind a website.
However, unlike EV, OV HTTPS certificates do not display the verified legal
name in the UI. As a result, OV certificates are less popular, because they
have high validation requirements, without the benefits of these being
shown to users. Prices are in the 40 to 100 USD per year range.

2. NUMBER OF DOMAINS COVERED

Once upon a time, HTTPS certificates generally contained a single domain in the
CN field. Later, the “subject alternative name” (SAN) field was added to allow
additional domains to be covered by a single certificate. These days, all HTTPS
certificates are created equal: Even a single-domain certificate will have a SAN for
that single domain (and a second SAN for the www version of that domain).
However, many certificate vendors still sell single- and multi-domain HTTPS
certificates for historical reasons.

. Single domain
This is the most common type of certiﬁcate, valid for the domain names
example.com and www.example.com .

. Multiple domains (UCC/SAN)

This type of certificate, also known as Unified Communications Certificate
(UCC) or Subject Alternative Names (SAN) certificate, can cover a list of
domains (up to a certain limit). It is not limited to a single domain — you can
mix different domains and subdomains. The price usually includes a set
number of domains (three to five), with the option to include more (up to the
limit) for an additional fee. Using it with related websites is advised,
because the client inspecting the certificate of any of the websites will see
the main domain, as well as all additional ones.

12 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

. Wildcard
This type of certiﬁcate covers the main domain as well as an unlimited
number of subdomains ( *.example.com ) — for example, example.com ,
www.example.com , mail.example.com , ftp.example.com , etc. The limitation
is that it covers only subdomains of the main domain.

The variety of HTTPS certiﬁcates available is summarized in the table below:

CERTIFICATE DOMAIN ORGANIZATION

TYPE VALIDATED (DV) VALIDATED (OV)

HTTPS

HTTPS Veriﬁed legal

owner

Single
example.com , www.example.com
domain

example.com , www.example.com , mail.example.com , example.net ,

Multiple
example.org , etc.
domains
predeﬁned list, up to a certain limit (usually 100)

N/A — all names must be included

*.example.com
Wildcard explicitly in the certiﬁcate and
matches any subdomain
inspected by the CA.

�e Conﬁguration
To recap, four components of HTTPS require encryption:

13 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

. The initial key exchange

This uses asymmetric (private and public key) algorithms.

. The identity certification (the HTTPS certificate, issued by a certification

authority)
This uses asymmetric (private and public key) algorithms.

. The actual message encryption

This uses symmetric (pre-shared secret) algorithms.

. The message digesting

This uses cryptographic hashing algorithms.

Each of these components has a set of used algorithms (some of them deprecated
already) that use diﬀerent key sizes. Part of the handshake involves the client and
the server agreeing on which combination of methods they will use — select one
out of about a dozen public key (key exchange) algorithms, one out of about a
dozen symmetric key (cipher) algorithms and one out of three (two deprecated)
message-digesting (hashing) algorithms, which gives us hundreds of
combinations.

For example, the setting ECDHE-RSA-AES256-GCM-SHA384 means that the key will be
exchanged using the Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key
exchange algorithm; the CA signed the certificate using the Rivest-Shamir-
Adleman (RSA) algorithm; the symmetric message encryption will use the
Advanced Encryption Standard (AES) cipher, with a 256-bit key and GCM mode
of operation; and message integrity will be verified using the SHA secure hashing13
algorithm, using 384-bit digests. (A comprehensive list of algorithm combinations
is available.)

So, there are some conﬁguration choices to be made.

CIPHER SUITES

14 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

Deciding the cipher suites to use is a balance between compatibility and security:

Compatibility with older browsers needs the server to support older cipher
suites.

However, many older cipher suites are no longer considered secure.

OpenSSL lists the supported combinations (see above) in order of cryptographic

strength, with the most secure at the top and the weakest at the bottom. It is
designed in this way because, during the initial handshake between the client and
the server, the combination to be used is negotiated until a match is found that is
supported by both parties. It makes sense to ﬁrst try the most secure
combinations and gradually resort to weaker security only if there is no other way.

A very useful and highly recommended resource, advising on what cryptographic

methods to enable on the server, is the Mozilla SSL Conﬁguration
108605914
Generator , which we’ll use later on with actual server conﬁgurations.

KEY TYPES

Elliptic Curve Cryptography (ECC) certificates are faster and use less CPU than the
RSA certificates, which is particularly important for mobile clients. However, some
services, such as Amazon, CloudFront and Heroku, don’t yet, at the time of
writing, support ECC certificates.

A 256-bit ECC key is considered suﬃcient.

Rivest Shamir Adleman (RSA) certiﬁcates are slower but compatible with a wider
variety of older servers. RSA keys are larger, so a 2048-bit RSA key is considered
minimal. RSA certiﬁcates of 4096 and above may hurt performance — they’re also
likely to be signed by a 2048-bit intermediary, undermining much of the additional
security!

You might have noticed the ﬂuidity of the statements above and the lack of any

15 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

numbers — it is because what is a heavy load on one server is not on another. The
best way to determine the impact on performance is to monitor the load on your
server, with your real website(s) and your real visitors. And even that will change
over time.

Procedures
To obtain an HTTPS certiﬁcate, perform the following steps:

. Create a private and public key pair, and prepare a Certiﬁcate Signing
Request (CSR), including information about the organization and the public
key.

. Contact a certiﬁcation authority and request an HTTPS certiﬁcate, based on

the CSR.

. Obtain the signed HTTPS certiﬁcate and install it on your web server.

There exists a set of files, containing different components of the public key
infrastructure (PKI): the private and public keys, the CSR and the signed HTTPS
certificate. To make things even more complicated, different parties use different
names (and file extensions) to identify one and the same thing.

To start, there are two popular formats for storing the information — DER and PEM.
The ﬁrst one (DER) is binary, and the second (PEM) is a base64-encoded (text) DER
ﬁle. By default, Windows uses the DER format directly, and the open-source world
(Linux and UNIX) uses the PEM-format. There are tools (OpenSSL) to convert
between one and the other.

The ﬁles we’ll be using as examples in the process are the following:

example.com.key
This PEM-formatted ﬁle contains the private key. The extension .key is not

16 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

a standard, so some might use it and others might not. It is to be protected

and accessible only by the system super-user.

example.com.pub
This PEM-formatted ﬁle contains the public key. You do not actually need
this ﬁle (and it’s never explicitly present), because it can be generated from
the private key. It is only included here for illustration purposes.

example.com.csr
This is a certificate signing request. A PEM-formatted file containing
organizational information, as well as the server’s public key, should be sent
to the certification authority issuing the HTTPS certificate.

example.com.crt
This HTTPS certificate is signed by the certification authority. It is a
PEM-formatted file, including the server’s public key, organizational
information, the CA signature, validity and expiry dates, etc. The extension
.crt is not a standard; other common extensions include .cert and
.cer .

File names (and extensions) are not standard; they can be anything you like. I have
chosen this naming convention because I think it is illustrative and makes more
obvious which component has what function. You can use whatever naming
convention makes sense to you, as long as you refer to the appropriate
key-certificate files in the commands and server configuration files throughout the
process.

The private key is a randomly generated string of a certain length (we’ll use
2048-bit), which looks like the following:

17 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

-----BEGIN RSA PRIVATE KEY-----

MIIEowIBAAKCAQEAm+036O2PlUQbKbSSs2ik6O6TYy6+Zsas5oAk3GioGLl1RW9N
i8kagqdnD69Et29m1vl5OIPsBoW3OWb1aBW5e3J0x9prXI1W/fpvuP9NmrHBUN4E
S17VliRpfVH3aHfPC8rKpv3GvHYOcfOmMN+HfBZlUeKJKs6c5WmSVdnZB0R4UAWu
Q30aHEBVqtrhgHqYDBokVe0/H4wmwZEIQTINWniCOFR5UphJf5nP8ljGbmPxNTnf
b/iHS/chjcjF7TGMG36e7EBoQijZEUQs5IBCeVefOnFLK5jLx+BC//X+FNzByDil
Tt+l28I/3ZN1ujhak73YFbWjjLR2tjtp+LQgNQIDAQABAoIBAEAO2KVM02wTKsWb
dZlXKEi5mrtofLhkbqvTgVE7fbOKnW8FJuqCl+2NMH31F1n03l765p4dNF4JmRhv
/+ne4vCgOPHR/cFsH4z/0d5CpHMlC7JZQ5JjR4QDOYNOpUG51smVamPoZjkOlyih
XGk/q72CxeU6F/gKIdLt6Dx03wBosIq9IAE8LwdMnioeuj18qaVg195OMeIOriIn
tpWP4eFya5rTpIFfIdHdIxyXsd6hF/LrRc9BMWTY1/uOLrpYjTf7chbdNaxhwH7k
buvKxBvCvmXmd6v/AeQQAXbUkdSnbTKDaB9B7IlUTcDJyPBJXvFS1IzzjN6vV+06
XBwHx5ECgYEAyRZLzwnA3bw8Ep9mDw8JHDQoGuQkFEMLqRdRRoZ+hxnBD9V9M0T6
HRiUFOizEVoXxf6zPtHm/T7cRD8AFqB+pA/Nv0ug6KpwUjA4Aihf5ADp0gem0DNw
YlVkCA6Bu7c9IUlE0hwF7RLB7YrryJVJit9AymmUTUUHCQTWW2yBhC8CgYEAxoHS
HGXthin5owOTNPwLwPfU2o7SybkDBKyW69uTi0KxAl3610DjyA/cV2mxIcFlPv1y
HualGd9eNoeCMBy/AUtjzI0K77yeRpjj321rj6k8c8bYWPHH539SiBXLWTY/WQ0w
pxfT3d/Z4QMh5d6p+p5f3UIrXESYQd+fAaG5tNsCgYEAksTdTB4YUT9EsWr6eN9G
jPlclFQUKV3OMvq77bfYvg8EJORz32nnDDmWS7SUjoOtemwutBlMeWbaKk25aMp3
5JNMXuV6apeMJ9Dd8GU7qBUqlIvVK31/96XPvzmnYzWZPqRVwO2HPcRFG3YcJmkg
JmZQyexJvCQ3wFNxiYUm+y0CgYBXQSMhFnCUg4jWbbDcHlnwRT+LnjHrN2arPE3O
eKLfGL6DotmqmjxFaStaRPv2MXMWgAMUsB8sQzG/WEsSaOBQaloAxJJlFIyhzXyE
bi1UZXhMD8BzQDu1dxLI/IN4wE6SDykumVuocEfuDxlsWDZxEgJjWD2E/iXK9seG
yRa+9wKBgEydVz+C1ECLI/dOWb20UC9nGQ+2dMa+3dsmvFwSJJatQv9NGaDUdxmU
hRVzWgogZ8dZ9oH8IY3U0owNRfO65VGe0sN00sQtMoweEQi0SN0J6FePiVCnl7pf
lvYBaemLrW2YI2B7zk5fTm6ng9BW/B1KfrH9Vm5wLQBchAN8Pjbu
-----END RSA PRIVATE KEY-----

Keep the private key private! This means protect it by very restricted permissions
(600), and do not disclose it to anyone.

Its counterpart — the public key — looks like this:

-----BEGIN PUBLIC KEY-----

MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+036O2PlUQbKbSSs2ik
6O6TYy6+Zsas5oAk3GioGLl1RW9Ni8kagqdnD69Et29m1vl5OIPsBoW3OWb1aBW5
e3J0x9prXI1W/fpvuP9NmrHBUN4ES17VliRpfVH3aHfPC8rKpv3GvHYOcfOmMN+H
fBZlUeKJKs6c5WmSVdnZB0R4UAWuQ30aHEBVqtrhgHqYDBokVe0/H4wmwZEIQTIN
WniCOFR5UphJf5nP8ljGbmPxNTnfb/iHS/chjcjF7TGMG36e7EBoQijZEUQs5IBC
eVefOnFLK5jLx+BC//X+FNzByDilTt+l28I/3ZN1ujhak73YFbWjjLR2tjtp+LQg
NQIDAQAB
-----END PUBLIC KEY-----

The Certiﬁcate Signing Request (CSR) looks like the following:

18 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

-----BEGIN CERTIFICATE REQUEST-----

MIICzjCCAbYCAQAwgYgxFDASBgNVBAMMC2V4YW1wbGUuY29tMQswCQYDVQQLDAJJ
VDEPMA0GA1UECAwGTG9uZG9uMRIwEAYDVQQKDAlBQ01FIEluYy4xIDAeBgkqhkiG
9w0BCQEWEWFkbWluQGV4YW1wbGUuY29tMQswCQYDVQQGEwJHQjEPMA0GA1UEBwwG
TG9uZG9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+036O2PlUQb
KbSSs2ik6O6TYy6+Zsas5oAk3GioGLl1RW9Ni8kagqdnD69Et29m1vl5OIPsBoW3
OWb1aBW5e3J0x9prXI1W/fpvuP9NmrHBUN4ES17VliRpfVH3aHfPC8rKpv3GvHYO
cfOmMN+HfBZlUeKJKs6c5WmSVdnZB0R4UAWuQ30aHEBVqtrhgHqYDBokVe0/H4wm
wZEIQTINWniCOFR5UphJf5nP8ljGbmPxNTnfb/iHS/chjcjF7TGMG36e7EBoQijZ
EUQs5IBCeVefOnFLK5jLx+BC//X+FNzByDilTt+l28I/3ZN1ujhak73YFbWjjLR2
tjtp+LQgNQIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAGIQVhXfuWdINNfceNPm
CkAGv4yzpx88L34bhO1Dw4PYWnoS2f7ItuQA5zNk9EJhjkwK8gYspK7mPkvHDbFa
Um7lPSWsm3gjd3pU7dIaHxQ+0AW9lOw5ukiBlO4t3qgt+jTVZ3EhMbR0jDSyjTrY
kTgfuqQrGOQSmLb5XviEtCcN0rseWib3fKIl8DM69JiA2AALxyk7DCkS1BqLNChT
pnbgvtlUhc4yFXNCtwPGskXIvLsCn2LRy+qdsPM776kDLgD36hK0Wu14Lpsoa/p+
ZRuwKqTjdaV23o2aUMULyCRuITlghEEkRdJsaXadHXtNd5I5vDJOAAt46PIXcyEZ
aQY=
-----END CERTIFICATE REQUEST-----

This particular CSR contains the server’s public key and details about the
organization ACME Inc., based in London, UK, and which owns the domain name
example.com .

Finally, the signed HTTPS certiﬁcate looks like the following:

19 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

All parts are connected and should match each other. The final certificate was
generated for illustration purposes only — it is the so-called self-signed certificate,
because it was not signed by a recognized certification authority.

The process will be illustrated with actual steps for cPanel, Linux, FreeBSD and
Windows. This is a universal process, valid for all kinds of certificates. If you are
interested in getting a free DV
1511
certificate, there1612
are other procedures to follow in
the sections on Let’s Encrypt and Cloudflare .

Step 1: Create A Private Key And A Certiﬁcate

Signing Request (CSR)
In the following examples, we’ll use 2048-bit RSA certiﬁcates, for their wide
compatibility. If your server provider supports it (for example, if you don’t use
Heroku or AWS), you might prefer to use ECC instead.

20 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

C PA N E L

. Log into your host’s cPanel.

. Scroll down to the “Security” section and click “SSL/TLS.”

18
cPanel “Security” section (View large version )

. You are now in the “SSL/TLS Manager” home. Click “Private Keys (KEY)” to
create a new private key.
19

21 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

20
cPanel “SSL/TLS Manager (View large version )

. You will be redirected to a page to “Generate, Paste or Upload a new

“Private
Key.” Select “2048-bit” in the “Key Size” dropdown, and click “Generate.”

22 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

23 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

22
cPanel “Private Key” management (View large version )

. The new private key will be generated, and you will get a conﬁrmation
screen:
23

24
cPanel private key conﬁrmation (View large version )

. If you go back to the “Private Keys” home, you will see your new key listed:

24 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

26
cPanel “Private Keys” with the new key generated (View large version )

. Go back to the “SSL/TLS Manager” home. Click “Certiﬁcate Signing

Requests (CSR)” to create a new certiﬁcate request.

25 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

28
cPanel “SSL/TLS Manager” (View large version )

. You will now be presented with the “Generate Service Request” form.
Select the previously created private key and fill in the fields. Answer all of
the questions correctly (they will be public in your signed certificate!),
paying special attention to the “Domains” section, which should exactly
match the domain name for which you are requesting the HTTPS certificate.
Include the top-level domain only ( example.com ); the CA will usually add the
www subdomain as well (i.e. www.example.com ). When finished, click the
“Generate” button.

26 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

27 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

cPanel 30
“Create New Certiﬁcate Signing Request” form (View large
version )

. The new CSR will be generated, and you will get a conﬁrmation screen:

28 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

29 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

32
cPanel CSR conﬁrmation (View large version )

. If you go back to the “Certiﬁcate Signing Request” home, you will see your
new CSR listed:
33

cPanel “Certiﬁcate
34
Signing Request” with the new CSR generated (View
large version )

LINUX, FREEBSD

Make sure OpenSSL is installed. You can check by using:

openssl version

If it’s not already present, open the command line and install it for your platform:

Debian, Ubuntu and clones

sudo apt-get install openssl

Red Hat, CentOS and clones

30 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

sudo yum install openssl

FreeBSD

make -C /usr/ports/security/openssl install clean

Then, generate a private key and a CSR with a single command:

openssl req -newkey rsa:2048 -nodes -keyout example.com.key -out example.com.csr

The private key will be generated, and you will be asked some information for the
CSR:

Generating a 2048 bit RSA private key

........................+++
................................................................+++
writing new private key to 'example.com.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.', the field will be left blank.

Answer all questions correctly (they will be public in your signed certiﬁcate!),
paying special attention to the “Common Name” section (for example, server
FQDN or YOUR name), which should exactly match the domain name for which
you are requesting the HTTPS certiﬁcate. Include the top-level domain only
( example.com ), the CA will usually add the www subdomain as well (i.e.
www.example.com ):

31 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

Country Name (2 letter code) [AU]:GB

State or Province Name (full name) [Some-State]:London
Locality Name (eg, city) []:London
Organization Name (eg, company) [Internet Widgits Pty Ltd]:ACME Inc.
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:example.com
Email Address []:[email protected]

Please enter the following 'extra' attributes

to be sent with your certificate request
A challenge password []:
An optional company name []:

I N T E R N E T I N F O R M AT I O N S E R V E R ( I I S ) O N W I N D O W S

. Open “Start” → “Administrative Tools” → “Internet Information Services (IIS)

Manager.” Click the server name. Double-click “Server Certiﬁcates” in the
middle column:

32 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

Open “Internet Information Services

6236
(IIS) Manager.” Double-click “Server
Certiﬁcates.” (View large version )

. Click “Create Certiﬁcate Request” in the right column.

33 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

38
Click “Create Certiﬁcate Request” in the right column. (View large version )

. Enter your organization’s details, paying special attention to “Common

Name,” which should match your domain name. Click “Next.”

34 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

40
Enter your organization’s details. (View large version )

. Leave the default “Cryptographic Service Provider.” Set the “Bit length” to
2048 . Click “Next.”

35 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

42
Set the “Bit length” to 2048. (View large version )

. Browse for a place to save the generated CSR and click “Finish.”

36 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

Browse for a 44
place to save the generated CSR and click ‘Finish’. (View
large version )

Step 2: Obtaining �e HTTPS Certiﬁcate

In order to get your website certificate, first purchase a HTTPS certificate credit of
a chosen type (DV, OV, EV, single site, multisite, wildcard — see above) from an
HTTPS certificate provider. Once the process is complete, you will have to provide
the certificate signing request, which will spend the purchased credit for your
chosen domain. You’ll be asked to provide (i.e. to paste in a field or to upload) the
whole CSR text, including the -----BEGIN CERTIFICATE REQUEST----- and
-----END CERTIFICATE REQUEST----- lines. If you would like to have an EV or OV

37 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

certificate, you’ll need to provide the legal entity for which you’re requesting the
certificate — you might also be asked to provide additional documents to confirm
that you represent this company. The certificate registrar will then verify your
request (and any supporting documents) and issue the signed HTTPS certificate.

G E T T I N G A N H T T P S C E R T I F I C AT E

Your hosting provider or HTTPS registrar might have a diﬀerent product and
registration procedure, but the general logic should be similar.

. Find an HTTPS certiﬁcate vendor.

. Select a type of certiﬁcate (DV, OV, EV, single site, multisite, wildcard), and
click “Add to cart.” Specify your preferred payment method and complete
the payment.

. Activate the new HTTPS certificate for your domain. You can either paste or
upload the certificate signing request. The system will extract the certificate
details from the CSR.

. You will be asked to select a method of “Domain Control Validation” —

whether by email, uploading an HTML ﬁle (HTTP-based) or adding a TXT
record to your domain zone ﬁle (DNS-based). Follow the instructions for
your DCV method of choice to validate.

. Wait several minutes until the validation is performed and the HTTPS
certiﬁcate is issued. Download the signed HTTPS certiﬁcate.

S E L F - S I G N E D C E R T I F I C AT E S

It is also possible to sign a certiﬁcate yourself, rather than have a certiﬁcate

authority do it. This is good for testing purposes because it will be
cryptographically as good as any other certiﬁcate, but it will not be trusted by
browsers, which will ﬁre a security warning — you can claim you are anything you

38 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

want, but it wouldn’t be veriﬁed by a trusted third party. If the user trusts the
website, they could add an exception in their browser, which would store the
certiﬁcate and trust it for future visits.

The example certiﬁcate above is a self-signed one — you can use it for the domain
example.com , and it will work within its validity period.

You can create a self-signed certiﬁcate on any platform that has OpenSSL
available:

openssl x509 -signkey example.com.key -in example.com.csr -req -days 365 -out examp

Once the certificate is available, you will have to install it on your server. If you are
using hosting and HTTPS registration services from the same provider (many
hosting providers also sell HTTPS certificates), there might be an automated
procedure to install and enable your newly obtained HTTPS certificate for the
website. If you are hosting your website elsewhere, you will need to download the
certificate and configure your server to use it.

Step 3: Installing �e HTTPS Certiﬁcate For Your

Website

C PA N E L

. Go back to the “SSL/TLS Manager” home. Click “Certiﬁcates (CRT)” to

import the new certiﬁcate.

39 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

46
cPanel “SSL/TLS Manager” (View large version )

. You will be redirected to a page to “Paste, Upload or Generate” a new

“Certificate.” Paste the contents of the certificate file received from the
HTTPS registrar or upload it using the “Browse” button.

40 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

41 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

48
cPanel “Import” a new HTTPS certiﬁcate (View large version )

. When you paste the contents of the HTTPS certificate, it will be parsed, and
plain text values will be presented to you for confirmation. Review the
contents and click the “Save Certificate” button.

42 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

50
cPanel “Review” and conﬁrm HTTPS certiﬁcate (View large version )

43 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

. The new HTTPS certiﬁcate will be saved, and you will get a conﬁrmation
screen:
51

52
cPanel HTTPS certiﬁcate conﬁrmation (View large version )

. If you go back to the “Certiﬁcates (CRT)” home, you will see your new
HTTPS certiﬁcate listed:
53

cPanel 54
“Certiﬁcates” with the new HTTPS certiﬁcate listed (View large
version )

. Go back to the “SSL/TLS Manager” home. Click “Install and Manage SSL for
your website (HTTPS)” to assign the new certiﬁcate to your existing
website.

44 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

56
cPanel “SSL/TLS Manager” (View large version )

. You will be presented with the “Install an SSL Website” form. Click the
“Browse Certificates” button and select your HTTPS certificate. Select your
website domain from the dropdown list (if it’s not automatically selected),
and verify that the fields for “Certificate” and “Private Key” are populated.

45 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

46 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

58
cPanel “Install an SSL Website” (View large version )

Test to see that you can access your website at the address
https://www.example.com . If all works OK, you will most probably want to
permanently redirect your HTTP traﬃc to HTTPS. To do so, you’ll have to include
several lines of code to an .htaccess ﬁle (if you’re using an Apache web server)
in your website’s root folder:

RewriteEngine On

RewriteCond %{HTTPS} off

RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

If the .htaccess ﬁle already exists, then paste the RewriteCond and RewriteRule
lines only, right after the existing RewriteEngine On directive.

LINUX, FREEBSD

Place the generated private key ( example.com.key ), Certiﬁcate Signing Request

( example.com.csr ) and the valid HTTPS certiﬁcate ( example.com.crt ) in the
appropriate locations:

Debian, Ubuntu and clones, FreeBSD

cp example.com.crt /etc/ssl/certs/
cp example.com.key /etc/ssl/private/
cp example.com.csr /etc/ssl/private/

47 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

Red Hat, CentOS and clones

cp example.com.crt /etc/pki/tls/certs/
cp example.com.key /etc/pki/tls/private/
cp example.com.csr /etc/pki/tls/private/
restorecon -RvF /etc/pki

The ﬁles should be owned by root and protected by a permission setting of 600 .

Debian, Ubuntu and clones

chown -R root. /etc/ssl/certs /etc/ssl/private

chmod -R 0600 /etc/ssl/certs /etc/ssl/private

Red Hat, CentOS and clones

chown -R root. /etc/pki/tls/certs /etc/pki/tls/private

chmod -R 0600 /etc/pki/tls/certs /etc/pki/tls/private

FreeBSD

chown -R root:wheel /etc/ssl/certs /etc/ssl/private

chmod -R 0600 /etc/ssl/certs /etc/ssl/private

A PA C H E

To enable the HTTPS version of your website, you should:

make sure that mod_ssl is installed on your server,

upload the received HTTPS certiﬁcate ( .crt ) ﬁle to your server,

edit the Apache server conﬁguration ﬁles.

Start by checking mod_ssl . Depending on your operating system, either one

48 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

should work:

apache2 -M | grep ssl

or
httpd -M | grep ssl

If mod_ssl is installed, you should get either this…

ssl_module (shared)
Syntax OK

… or something similar.

If it’s not present or not enabled, then try this:

Debian, Ubuntu and clones

sudo a2enmod ssl

sudo service apache2 restart

Red Hat, CentOS and clones

sudo yum install mod_ssl

sudo service httpd restart

FreeBSD (select the SSL option)

make -C /usr/ports/www/apache24 config install clean

apachectl restart

Edit the Apache conﬁguration ﬁle (httpd.conf):

Debian, Ubuntu
/etc/apache2/apache2.conf

49 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

Red Hat, CentOS

/etc/httpd/conf/httpd.conf

FreeBSD
/usr/local/etc/apache2x/httpd.conf

Listen 80
Listen 443

<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
Redirect 301 / https://www.example.com/
</VirtualHost>

<VirtualHost *:443>
ServerName example.com
Redirect 301 / https://www.example.com/
</VirtualHost>

<VirtualHost *:443>
ServerName www.example.com
...
SSLEngine on
SSLCertificateFile/path/to/signed_certificate_followed_by_intermediate_certs
SSLCertificateKeyFile /path/to/private/key

# Uncomment the following directive when using client certificate authenticatio

#SSLCACertificateFile /path/to/ca_certs_for_client_authentication

# HSTS (mod_headers is required) (15768000 seconds = 6 months)

Header always set Strict-Transport-Security "max-age=15768000"
...
</VirtualHost>

# intermediate configuration, tweak to your needs

SSLProtocol all -SSLv3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE
SSLHonorCipherOrder on
SSLCompression off
SSLSessionTickets off

# OCSP Stapling, only in httpd 2.3.3 and later

SSLUseStapling on
SSLStaplingResponderTimeout 5
SSLStaplingReturnResponderErrors off
SSLStaplingCache shmcb:/var/run/ocsp(128000)

50 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

This configuration
108605914
was generated using the Mozilla SSL Configuration
Generator , mentioned earlier. Check with it for an up-to-date configuration.
Make sure to edit the paths to the certificate and private key. The configuration
provided was generated using the intermediate setting — read the limitations and
supported browser configurations for each setting to decide which one suits you
best.

Some modiﬁcations to the generated code were made (marked in bold above) to
handle redirects from HTTP to HTTPS, as well as non- www to the www domain
(useful for SEO purposes).

NGINX

Edit the nginx conﬁguration ﬁle ( nginx.conf ):

Debian, Ubuntu, Red Hat, CentOS

/etc/nginx/nginx.conf

FreeBSD
/usr/local/etc/nginx/nginx.conf

51 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

server {
listen 80 default_server;
listen [::]:80 default_server;

# Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
return 301 https://$host$request_uri;
}

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate

ssl_certificate /path/to/signed_cert_plus_intermediates;
ssl_certificate_key /path/to/private_key;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;

# Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits

ssl_dhparam /path/to/dhparam.pem;

# intermediate configuration. tweak to your needs.

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-EC
ssl_prefer_server_ciphers on;

# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)

add_header Strict-Transport-Security max-age=15768000;

# OCSP Stapling ---

# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;

## verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;
resolver <IP DNS resolver>;

....
}

52 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

best.

The generator automatically generates code for handling redirects from HTTP to
HTTPS, and it enables HTTP/2 out of the box!

I N T E R N E T I N F O R M AT I O N S E R V E R ( I I S ) O N W I N D O W S

. Open “Start” → “Administrative Tools” → “Internet Information Services (IIS)

Manager.” Click the server name. Double-click “Server Certiﬁcates” in the
middle column:
6135

Open “Internet Information Services (IIS) Manager.” Double-click “Server

53 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

Certiﬁcates.” (View large version )

. Click “Complete Certiﬁcate Request” in the right column.

Click “Complete
64
Certiﬁcate Request” in the right column. (View large
version )

. Select the signed certificate file ( example.com.crt ) that you obtained from
the CA. Enter some name in the “Friendly name” field to be able to
distinguish the certificate later. Place the new certificate in the “Personal”
certificate store (IIS 8+). Click “OK.”

54 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

66
Select the signed certiﬁcate ﬁle. (View large version )

. If the process went OK, you should see the certiﬁcate listed under “Server
Certiﬁcates.”

55 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

You should
68
see the certiﬁcate listed under “Server Certiﬁcates.” (View large
version )

. Expand the server name. Under “Sites,” select the website to which you
want to assign the HTTPS certiﬁcate. Click “Bindings” from the right column.

56 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

70
Select the website and click “Bindings.” (View large version )

. In the “Site bindings” window, click the “Add” button.

57 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

72
Click the “Add” button. (View large version )

. In the new window, select:

“Type”: “https”

“IP address”: “All Unassigned”

“Port”: “443”

In the “SSL Certificate” field, select the installed HTTPS certificate by

its friendly name. Click “OK.”

58 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

Select “HTTPS,”
74
and select the installed HTTPS certiﬁcate. (View large
version )

. You should now have both HTTP and HTTPS installed for this website.
75

59 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

You should now have

76
both HTTP and HTTPS installed for this website.
(View large version )

M IXED -CO N TEN T WARN IN G S

You might get a warning sign next to the address bar and a message such as
“Connection is not secure! Parts of this page are not secure (such as images).”
This does not mean that your installation is wrong; just make sure that all links to
resources (images, style sheets, scripts, etc.), whether local or from remote
servers, do not start with http:// . All resources should be pointed to with paths
relative to the root ( /images/image.png , /styles/style.css , etc.) or relative to the
current document ( ../images/image.png ), or they should be full URLs beginning
with https:// , such as <script src="https://code.jquery.com/jquery-
3.1.0.min.js"></script> .

These tips should eliminate the mixed-content warnings, and your browser should
display the closed padlock without an exclamation mark.

T E ST IN G YO U R S E RV E R

After you have configured your server and have the website up and running on
HTTPS, I strongly
77
recommend checking its security configuration using the Qualys
SSL Server Test . This performs a scan of your website, including a
comprehensive evaluation of its configuration, possible weaknesses and
recommendations. Follow the advice there to further improve your server’s
security configuration.

REN EWA L

Your certiﬁcate is valid for a set period — typically, a year. Don’t wait to renew it at
the last moment — your registrar will start sending you emails as the renewal date

60 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

approaches. Do issue a new certificate as soon as you get your first reminder. The
procedure is pretty much the same: Create a new certificate signing request, get a
new HTTPS certificate, and install it on your server. The certificate’s validity will
start running at the time of signing, while the expiration will be set one year after
your current certificate expires. Thus, there will be a time when both your old and
new certificates will be valid, and then a full new year after the expiration of the
old certificate. During the overlap, you will be able to make sure that the new
certificate is working OK, before the old one expires, allowing for uninterrupted
service of your website.

R E V O C AT I O N

If your server is compromised or if you think someone might have access to your
private key, you should immediately revoke your current HTTPS certificate.
Different registrars have different procedures, but it generally boils down to
marking the compromised certificate as inactive in a special database of your
registrar, and then issuing a new HTTPS certificate. Of course, revoke the current
certificate as soon as possible, so that nobody can impersonate you, and get the
new certificate only after you have investigated and fixed the cause of the security
breach. Please ask your registrar for assistance.

Let’s Encrypt
78
To quote the Let’s Encrypt website:

61 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

Let’s Encrypt is a free, automated, and open certiﬁcate authority (CA), run for the public’s79
beneﬁt. Let’s Encrypt is a service provided by the Internet Security Research Group (ISRG) .

�e key principles behind Let’s Encrypt are:

Free
Anyone who owns a domain name can use Let’s Encrypt to obtain a trusted certiﬁcate
at zero cost.

Automatic
So�ware running on a web server can interact with Let’s Encrypt to painlessly obtain a
certiﬁcate, securely conﬁgure it for use, and automatically take care of renewal.

Secure
Let’s Encrypt will serve as a platform for advancing TLS security best practices, both
on the CA side and by helping website operators properly secure their servers.

Transparent
All certiﬁcates issued or revoked will be publicly recorded and available for anyone to
inspect.

Open
�e automatic issuance and renewal protocol will be published as an open standard
that others can adopt.

Cooperative
Much like the underlying Internet protocols themselves, Let’s Encrypt is a joint eﬀort to
beneﬁt the community, beyond the control of any one organization.

To take advantage of Let’s Encrypt, set up your hosting account or server properly.
Let’s Encrypt oﬀers short-term certiﬁcates that need to be renewed regularly in
order to keep an HTTPS website operational.

HOW IT WORKS

There are some substantial diﬀerences in the mode of operation between Let’s

62 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

Encrypt and the other CAs. Following the ﬁrst three points above, here are the
main ones:

Free
The Let’s Encrypt HTTPS certiﬁcates are completely free for the whole
lifespan of your website.

Automatic
The Let’s Encrypt
80
HTTPS certificates are valid
for 90 days , unlike regular HTTPS certificates, which are valid for one
year. People are encouraged to automate their certificate renewal; for
example, the administrator of the server would set up a dedicated software
service (or would periodically invoke software from cron) to manage the
initial domain validation and subsequent renewal for all hosted domains —
set-it-and-forget-it style.

Secure
Let’s Encrypt HTTPS certificates are issued with no compromise on security,
leading to certain incompatibilities
8481
with older and more exotic platforms.
Check the compatibility page to determine whether you are fine cutting
off incompatible platforms.

L I M I TAT I O N S

Let’s Encrypt provides only DV certificates. OV and EV are not supported, and
there are currently no plans to support them. Single- and multiple-domain HTTPS
certificates
82
are offered, but no wildcard ones at the moment. See the Let’s Encrypt
FAQ for more information.
83
Let’s Encrypt’s automated mode of operation enforces some usage limits in
order to protect the infrastructure from intentional and unintentional abuse. The
rate limits are high enough not to affect regular users with even hundreds of
domains. However, if you manage HTTPS certificates at a very large scale, you

63 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

might want to check them out.

Older and exotic clients

8481
(prior to Windows XP SP3) are not supported. Check the
compatibility page for details.

Using �e Let’s Encrypt HTTPS Certiﬁcates In

Practice

C PA N E L

. Log into your host’s cPanel

. Scroll down to the “Security” section, and click “Let’s Encrypt for cPanel.”
85

86
cPanel “Security” section (View large version )

. You are now in the “Let’s Encrypt for cPanel” section. Check both domain
names ( example.com and www.example.com ), and click “Issue Multiple.”

64 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

88
Check both domain names and click “Issue Multiple.” (View large version )

. You will be taken to a conﬁrmation screen. Your top-level (i.e. non- www )
domain name will be selected as the primary, and your www domain name
as an alias, which will be placed in the HTTPS certiﬁcate’s “Subject Alt
Name” (SAN) record. Click “Issue” to continue. Please be patient and do
not refresh the page, because the initial validation might take longer —
about a minute or two.

65 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

Click “Issue”
90
and be patient for about a minute or two. (View large
version )

. If the process completes successfully, you will see a conﬁrmation message.

Click “Go back” to see the installed HTTPS certiﬁcate.
91

If the process completes

92
successfully, you will see a conﬁrmation message.
(View large version )

. You will see your domain listed under “Your domains with Let’s Encrypt
certificates.” You may check the certificate’s details and verify that the
website opens with the https:// prefix in your browser.

66 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

94
Your domains with Let’s Encrypt certiﬁcates (View large version )

LINUX, FREEBSD, OTHER

95
The easiest way to set up Let’s Encrypt on your server is with Certbot . Just
select your web server and operating system and follow the instructions.

67 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

97
Let’s Encrypt Certbot (View large version )

I N T E R N E T I N F O R M AT I O N S E R V E R O N W I N D O W S

There is currently no oﬃcial client for IIS on Windows, but there are workarounds.

There are several projects to create a native Windows client for Let’s Encrypt:
98
ACMESharp (PowerShell) is the ﬁrst eﬀort to write a Windows client.
99
letsencrypt-win-simple (for the command line) seems the easiest to use.
100
Certify provides a GUI on top of ACMESharp, but is still in alpha.

Cloudﬂare

68 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

101
Cloudflare is a service that provides a content delivery network (CDN), website
security, and protection against distributed denial of service (DDoS) attacks. It
features a free HTTPS certificate with all subscription plans, including the free one
— a shared DV Cloudflare Universal SSL certificate. In order to have a unique
HTTPS certificate, you need to upgrade to the Business plan.

To take advantage, simply create an account, set up your website, and visit the
“Crypto” section.

CertSimple
102
CertSimple is an EV-only HTTPS certificate vendor. It is disrupting the EV HTTPS
certificate market in a way similar to what Let’s Encrypt is doing in the DV HTTPS
certificate market, by providing a faster, easier process of organization validation
— an otherwise slow and cumbersome routine. Here are its advantages:

Simpliﬁed application procedure

No software to install or command line questions. Live validation, with most
details checked before payment.

Fast validation time

Three hours on average versus the industry standard 7 to 10 days.

Free reissues for the lifetime of the certiﬁcate

Easily add domain names later or ﬁx a lost private key.
103
You can read an excellent, in-depth review of the process on Troy Hunt’s blog .

Multiple HTTPS Websites On A Single IP Address

Due to the nature of the handshake process, virtual hosts with a single IP address

69 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

are a problem for TLS. Virtual hosts work by having the client include the domain
name as part of the HTTP request header, but when HTTPS is used, the TLS
handshake happens before the HTTP headers are sent — the secure channel
should be initialized and fully functional before transmitting any plain-text HTTP,
including headers. So, the server does not know which HTTPS certificate to
present up front to a connecting client, so it presents the first one it finds in its
configuration file, which, of course, only works correctly for the first TLS-enabled
website.

There are several workarounds: to have a unique IP for each TLS-enabled domain,
or to have all domains in a single certificate. Both are impractical — the IPv4
address space is now used up, and having one big HTTPS certificate means that if
you want to add a single website to this server, you’ll need to reissue the whole
multiple-domain certificate.
104
An extension to the TLS protocol, named Server Name Indication (SNI) , was
introduced to overcome this limitation. Both servers and clients should support it,
and although SNI support is nowadays widely available, it is still not 100%
bulletproof, if compatibility with all possible clients is a requirement.
105 106 107
You can read more about running SNI for Apache , nginx and IIS (8+) in the
respective documentation.

Useful Resources
108605914
Mozilla SSL Conﬁguration Generator
109
SSL Server Test , Qualys
110
“Security/Server Side TLS ,” Mozilla wiki
111
“SSL and TLS Deployment Best Practices ,” SSL Labs
112
Documentation , Qualys SSL Labs

70 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

113
“Database Search and Replace Script in PHP ,” Interconnect IT
For replacing all instances of HTTP with HTTPS (links, images, etc.) in a
WordPress database.

Footnotes
114 115 116
. ^ Chrome and Firefox explicitly mark websites that provide forms on
pages without HTTPS as being non-secure.
117 118
. ^ HTTPS has become an SEO ranking factor ,
119 120
. ^ HTTPS has a serious privacy impact .

(rb, vf, cm, al, il)

FOOTNOTES

1 #footnote-1

2 #footnote-2

3 #footnote-3

4 #lets-encrypt

5 https://www.smashingmagazine.com/wp-content/uploads/2017/05/symmetric-
encryption-large-opt.png

6 https://www.smashingmagazine.com/wp-content/uploads/2017/05/symmetric-
encryption-large-opt.png

7 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/asymmetric-encryption-large-opt.png

71 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

8 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/asymmetric-encryption-large-opt.png

9 https://www.smashingmagazine.com/wp-content/uploads/2017/05/chain-
of-trust-large-opt.png

10 https://www.smashingmagazine.com/wp-content/uploads/2017/05/chain-
of-trust-large-opt.png

11 #lets-encrypt

12 #cloudﬂare

13 https://wiki.mozilla.org/Security
/Server_Side_TLS#Cipher_names_correspondence_table

14 https://mozilla.github.io/server-side-tls/ssl-conﬁg-generator/

15 #lets-encrypt

16 #cloudﬂare

17 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
security-section-large-opt.png

18 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
security-section-large-opt.png

19 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
certiﬁcate-managment-pk-large-opt.png

20 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
certiﬁcate-managment-pk-large-opt.png

21 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
private-key-managment-large-opt.png

22 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
private-key-managment-large-opt.png

23 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-

72 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

private-key-conﬁrmation-large-opt.png

24 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
private-key-conﬁrmation-large-opt.png

25 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
private-key-generated-large-opt.png

26 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
private-key-generated-large-opt.png

27 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
certiﬁcate-managment-csr-large-opt.png

28 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
certiﬁcate-managment-csr-large-opt.png

29 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
csr-request-large-opt.png

30 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
csr-request-large-opt.png

31 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
csr-conﬁrmation-large-opt.png

32 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
csr-conﬁrmation-large-opt.png

33 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
csr-generated-large-opt.png

34 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
csr-generated-large-opt.png

35 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-step-01-large-opt.png

36 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-step-01-large-opt.png

73 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

37 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-create-csr-step-02-large-opt.png

38 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-create-csr-step-02-large-opt.png

39 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-create-csr-step-03-large-opt.png

40 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-create-csr-step-03-opt.png

41 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-create-csr-step-04-large-opt.png

42 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-create-csr-step-04-large-opt.png

43 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-create-csr-step-05-large-opt.png

44 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-create-csr-step-05-large-opt.png

45 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
certiﬁcate-managment-crt-large-opt.png

46 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
certiﬁcate-managment-crt-large-opt.png

47 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
ssl-create-large-opt.png

48 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
ssl-create-large-opt.png

49 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
ssl-paste-large-opt.png

50 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-

74 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

ssl-paste-opt.png

51 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
ssl-conﬁrmation-large-opt.png

52 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
ssl-conﬁrmation-large-opt.png

53 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
ssl-review-large-opt.png

54 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
ssl-review-large-opt.png

55 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
certiﬁcate-managment-https-large-opt.png

56 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
certiﬁcate-managment-https-large-opt.png

57 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
ssl-install-large-opt.png

58 https://www.smashingmagazine.com/wp-content/uploads/2017/05/cpanel-
ssl-install-large-opt.png

59 https://mozilla.github.io/server-side-tls/ssl-conﬁg-generator/

60 https://mozilla.github.io/server-side-tls/ssl-conﬁg-generator/

61 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-step-01-large-opt.png

62 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-step-01-large-opt.png

63 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-install-certiﬁcate-step-02-large-opt.png

64 https://www.smashingmagazine.com/wp-content/uploads/2017/05

75 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

/iis-windows-ssl-install-certiﬁcate-step-02-large-opt.png

65 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-install-certiﬁcate-step-03-large-opt.png

66 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-install-certiﬁcate-step-03-large-opt.png

67 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-install-certiﬁcate-step-04-large-opt.png

68 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-install-certiﬁcate-step-04-large-opt.png

69 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-install-certiﬁcate-step-05-large-opt.png

70 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-install-certiﬁcate-step-05-large-opt.png

71 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-install-certiﬁcate-step-06-large-opt.png

72 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-install-certiﬁcate-step-06-large-opt.png

73 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-install-certiﬁcate-step-07-opt.png

74 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-install-certiﬁcate-step-07-large-opt.png

75 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-install-certiﬁcate-step-08-large-opt.png

76 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/iis-windows-ssl-install-certiﬁcate-step-08-large-opt.png

77 https://www.ssllabs.com/ssltest/

76 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

78 https://letsencrypt.org

79 https://letsencrypt.org/isrg/

80 https://letsencrypt.org/2015/11/09/why-90-days.html

81 https://letsencrypt.org/docs/certiﬁcate-compatibility/

82 https://letsencrypt.org/docs/faq/

83 https://letsencrypt.org/docs/rate-limits/

84 https://letsencrypt.org/docs/certiﬁcate-compatibility/

85 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/letsencrypt-cpanel-step-01-large-opt.png

86 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/letsencrypt-cpanel-step-01-large-opt.png

87 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/letsencrypt-cpanel-step-02-large-opt.png

88 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/letsencrypt-cpanel-step-02-large-opt.png

89 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/letsencrypt-cpanel-step-03-large-opt.png

90 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/letsencrypt-cpanel-step-03-large-opt.png

91 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/letsencrypt-cpanel-step-04-large-opt.png

92 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/letsencrypt-cpanel-step-04-large-opt.png

93 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/letsencrypt-cpanel-step-05-large-opt.png

94 https://www.smashingmagazine.com/wp-content/uploads/2017/05

77 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

/letsencrypt-cpanel-step-05-large-opt.png

95 https://certbot.eﬀ.org/

96 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/letsencrypt-certbot-large-opt.png

97 https://www.smashingmagazine.com/wp-content/uploads/2017/05
/letsencrypt-certbot-large-opt.png

98 https://github.com/ebekker/ACMESharp

99 https://github.com/Lone-Coder/letsencrypt-win-simple/wiki

100 http://certify.webprofusion.com/

101 https://www.cloudﬂare.com/

102 https://certsimple.com

103 https://www.troyhunt.com/journey-to-an-extended-validation-certiﬁcate/

104 https://en.wikipedia.org/wiki/Server_Name_Indication

105 https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI

106 http://nginx.org/en/docs/http/conﬁguring_https_servers.html#sni

107 https://www.iis.net/learn/get-started/whats-new-in-iis-8/iis-80-server-
name-indication-sni-ssl-scalability

108 https://mozilla.github.io/server-side-tls/ssl-conﬁg-generator/

109 https://www.ssllabs.com/ssltest/

110 https://wiki.mozilla.org/Security/Server_Side_TLS

111 https://github.com/ssllabs/research/wiki/SSL-and-TLS-Deployment-
Best-Practices

112 https://www.ssllabs.com/projects/documentation/index.html

113 https://interconnectit.com/products/search-and-replace-for-wordpress-
databases/

78 of 79 29/07/17 20:22
The Complete Guide To Switching From HTTP To... https://www.smashingmagazine.com/2017/06/gui...

114 #1-return

115 https://security.googleblog.com/2016/09/moving-towards-more-secure-
web.html

116 https://blog.mozilla.org/security/2017/01/20/communicating-the-dangers-
of-non-secure-http/

117 #2-return

118 https://googleonlinesecurity.blogspot.bg/2014/08/https-as-ranking-
signal_6.html

119 #3-return

120 https://www.schneier.com/blog/archives/2015/06/why_we_encrypt.html

Vladislav Denishev
Vladislav Denishev is an independent expert, helping small and medium
businesses excel by analyzing and improving their processes, technology and
human capital in a systematic way. He works in the intersection of three
domains: (1) Innovation and Digital Transformation, (2) Information Technology
and (3) Educational Technologies. Find out more at Systematic Brains.

With a commitment to quality content for the design community. Founded by Vitaly Friedman and Sven Lennartz.
2006-2017. Made in Germany. http://www.smashingmagazine.com

79 of 79 29/07/17 20:22

Technology For Product Managers - HelloPM
No ratings yet
Technology For Product Managers - HelloPM
8 pages
FortiOS-7.6.0-SSL VPN To IPsec VPN Migration
100% (1)
FortiOS-7.6.0-SSL VPN To IPsec VPN Migration
38 pages
Uag Deploy Config Guide
No ratings yet
Uag Deploy Config Guide
241 pages
CHEAT SHEET 3 Different Types of Product Manager Roles PDF
No ratings yet
CHEAT SHEET 3 Different Types of Product Manager Roles PDF
2 pages
E-mail Security Protocols Overview
No ratings yet
E-mail Security Protocols Overview
15 pages
Building A Modal With Vue - Js and Tailwind CSS - Laravel News
No ratings yet
Building A Modal With Vue - Js and Tailwind CSS - Laravel News
15 pages
CSS Animation and Keyframes Guide
No ratings yet
CSS Animation and Keyframes Guide
5 pages
Syllabus of Front End Web Development
No ratings yet
Syllabus of Front End Web Development
3 pages
Importance of Online Job Portal
No ratings yet
Importance of Online Job Portal
8 pages
ASP.NET WebHooks Guide
No ratings yet
ASP.NET WebHooks Guide
25 pages
Vue Tutorial
No ratings yet
Vue Tutorial
8 pages
Back-End Web Development Course Overview (4) - 1
No ratings yet
Back-End Web Development Course Overview (4) - 1
3 pages
Vue.js for Developers
No ratings yet
Vue.js for Developers
39 pages
CSS Animation Basics for Beginners
No ratings yet
CSS Animation Basics for Beginners
5 pages
Day 8 Task: Basic Git & Github For Devops Engineers
No ratings yet
Day 8 Task: Basic Git & Github For Devops Engineers
7 pages
Google Cloud Encryption in Transit
No ratings yet
Google Cloud Encryption in Transit
24 pages
Tls
No ratings yet
Tls
18 pages
Vue JS
No ratings yet
Vue JS
6 pages
SAS Input Statement Guide
No ratings yet
SAS Input Statement Guide
15 pages
POS-SYSTEM-Gladius Smart-ΤΑΜΕΙΑΚΑ ΣΥΣΤΗΜΑΤΑ PDF
No ratings yet
POS-SYSTEM-Gladius Smart-ΤΑΜΕΙΑΚΑ ΣΥΣΤΗΜΑΤΑ PDF
3 pages
Teachnook Edutech Private Limited: Weather Web Application
No ratings yet
Teachnook Edutech Private Limited: Weather Web Application
18 pages
Automation Business Analyst Professional - Learner Guide
100% (1)
Automation Business Analyst Professional - Learner Guide
344 pages
SharePoint Framework Developer Course
No ratings yet
SharePoint Framework Developer Course
4 pages
Learn GitLab CI
No ratings yet
Learn GitLab CI
2 pages
Recruitmccombs Bba Resume Template
No ratings yet
Recruitmccombs Bba Resume Template
5 pages
Animation: I Am Vishal Kumar Tiwari - Web Designer (Trainee) Hi
No ratings yet
Animation: I Am Vishal Kumar Tiwari - Web Designer (Trainee) Hi
12 pages
SAP Data Services Security Overview
No ratings yet
SAP Data Services Security Overview
16 pages
Dropshipping Guide
No ratings yet
Dropshipping Guide
3 pages
Tutorial - A Masterclass in CSS Animations
No ratings yet
Tutorial - A Masterclass in CSS Animations
11 pages
Bwresume
No ratings yet
Bwresume
10 pages
ASP Net MVC 3tier
No ratings yet
ASP Net MVC 3tier
12 pages
Ultimate Guide To Phishing
No ratings yet
Ultimate Guide To Phishing
38 pages
(M) BROCHURE-full Stack Development Learning Path
No ratings yet
(M) BROCHURE-full Stack Development Learning Path
29 pages
Serial Key 2007
No ratings yet
Serial Key 2007
3 pages
Guide To Learn ASP - NET Core Web API
No ratings yet
Guide To Learn ASP - NET Core Web API
19 pages
Business Intelligence Expert Profile
No ratings yet
Business Intelligence Expert Profile
3 pages
Microsoft Power Platform Accelerating Thailand
No ratings yet
Microsoft Power Platform Accelerating Thailand
113 pages
Devops: by - Dipanshu Baranwal
No ratings yet
Devops: by - Dipanshu Baranwal
10 pages
Altcademy S Web Development Syllabus
No ratings yet
Altcademy S Web Development Syllabus
46 pages
Online Job Portal
82% (11)
Online Job Portal
39 pages
Ui Path
No ratings yet
Ui Path
202 pages
Job Portals in India Overview
No ratings yet
Job Portals in India Overview
10 pages
SAS Viya VA
No ratings yet
SAS Viya VA
23 pages
Shopify Bilal
No ratings yet
Shopify Bilal
10 pages
Back End Web Development Sample Assessment Question Paper
No ratings yet
Back End Web Development Sample Assessment Question Paper
4 pages
Creatorcon: Building Your First Integrationhub Spoke: Jonatan Jonny' Jardi
No ratings yet
Creatorcon: Building Your First Integrationhub Spoke: Jonatan Jonny' Jardi
40 pages
Power Platform Licensing Guide 2023
No ratings yet
Power Platform Licensing Guide 2023
32 pages
Medical Device & Aerospace Process Engineer
No ratings yet
Medical Device & Aerospace Process Engineer
2 pages
Dreamwares Salesforce/Force - Com Expertise
No ratings yet
Dreamwares Salesforce/Force - Com Expertise
14 pages
Session #103750 - Integrate PeopleSoft and SharePoint - C12 Template
No ratings yet
Session #103750 - Integrate PeopleSoft and SharePoint - C12 Template
27 pages
Essential CSS Code Snippets Collection
No ratings yet
Essential CSS Code Snippets Collection
21 pages
PHP Mysql Laravel
No ratings yet
PHP Mysql Laravel
9 pages
HTTP vs. HTTPS: Key Differences Explained
No ratings yet
HTTP vs. HTTPS: Key Differences Explained
2 pages
HTTP Vs Https
100% (1)
HTTP Vs Https
2 pages
WWW Instantssl
No ratings yet
WWW Instantssl
2 pages
HTTPS vs HTTP: Secure Server Setup
No ratings yet
HTTPS vs HTTP: Secure Server Setup
12 pages
Computer Network Presentation - HTTP Vs HTTPS
No ratings yet
Computer Network Presentation - HTTP Vs HTTPS
14 pages
Test Bytes
No ratings yet
Test Bytes
18 pages
Understanding HTTPS: Importance & Security
No ratings yet
Understanding HTTPS: Importance & Security
2 pages
Matlab Gui Tutorial - For B
No ratings yet
Matlab Gui Tutorial - For B
89 pages
Ansys Icem CFD Brochure
No ratings yet
Ansys Icem CFD Brochure
2 pages
SNS Lab 01-Solution
75% (4)
SNS Lab 01-Solution
8 pages
Project Report On Shootout Enemy
No ratings yet
Project Report On Shootout Enemy
63 pages
2-d Viewing and Clipping
50% (2)
2-d Viewing and Clipping
33 pages
Web Access Management Overview
No ratings yet
Web Access Management Overview
9 pages
C Programming Exercises and Solutions
No ratings yet
C Programming Exercises and Solutions
4 pages
1 Introduction
No ratings yet
1 Introduction
42 pages
PowerHA SystemMirror For AIX: New Features and Best Practice
100% (1)
PowerHA SystemMirror For AIX: New Features and Best Practice
92 pages
TSQL String Functions Cheat Sheet
No ratings yet
TSQL String Functions Cheat Sheet
1 page
Grade XII Python Practical List
No ratings yet
Grade XII Python Practical List
8 pages
HLASM Language Reference
100% (1)
HLASM Language Reference
474 pages
Cjcook PDF 0.26
100% (1)
Cjcook PDF 0.26
367 pages
KTM 5.5.2 Release Notes
No ratings yet
KTM 5.5.2 Release Notes
35 pages
Poster Excel Web PDF
No ratings yet
Poster Excel Web PDF
1 page
WaterCAD V8i SELECTseries 6 Readme
No ratings yet
WaterCAD V8i SELECTseries 6 Readme
6 pages
Understanding Essential Computer Concepts
100% (1)
Understanding Essential Computer Concepts
63 pages
Multivariable Calculus. II.: Maxima and Minima of Functions of Several Variables
No ratings yet
Multivariable Calculus. II.: Maxima and Minima of Functions of Several Variables
2 pages
Windowing and Clipping
No ratings yet
Windowing and Clipping
12 pages
JAGS 3.3.0 User Manual Guide
No ratings yet
JAGS 3.3.0 User Manual Guide
42 pages
Cstring Management: Joseph M. Newcomer
No ratings yet
Cstring Management: Joseph M. Newcomer
17 pages
Zentyal 2.0: Network Admin Guide
No ratings yet
Zentyal 2.0: Network Admin Guide
15 pages
Case Study on Yarsha Studio Pvt. Ltd.
No ratings yet
Case Study on Yarsha Studio Pvt. Ltd.
14 pages
Install Shield Setup Parameters
No ratings yet
Install Shield Setup Parameters
6 pages
ciscocm_server.exe Loopback Issue
No ratings yet
ciscocm_server.exe Loopback Issue
4 pages
Instructions du microprocesseur 6809
No ratings yet
Instructions du microprocesseur 6809
7 pages
Vijeo Citect Training Overview
No ratings yet
Vijeo Citect Training Overview
342 pages
z80 CPU Datasheet PDF
No ratings yet
z80 CPU Datasheet PDF
10 pages
Cisco Flex VPN
100% (2)
Cisco Flex VPN
93 pages
Designing A Data Warehouse: Issues in DW Design
No ratings yet
Designing A Data Warehouse: Issues in DW Design
33 pages