Tales from the Let's Encrypt

2ccd8593c0f2ac6c9b91ee79bff5b63f?s=47 Beth Haubert
August 16, 2016
Programming
0
45

Tales from the Let's Encrypt

2ccd8593c0f2ac6c9b91ee79bff5b63f?s=128

Beth Haubert

August 16, 2016
Tweet

Want more?

2ccd8593c0f2ac6c9b91ee79bff5b63f?s=48 bethanyhaubert
1
300
2ccd8593c0f2ac6c9b91ee79bff5b63f?s=48 bethanyhaubert
1
97
3ab1249be442027903e1180025340b3f?s=48 reverentgeek
13
770
A9a491b0fcbe0fbce3d64063a37add99?s=48 rmw
4
420
766b9746b59e6f09e280cd33cf4ed419?s=48 skipperchong
0
260
61857dafbd287b3027c4dcea9008ad3c?s=48 carmenhchung
8
560
06f8b41980eb4c577fa40c41d5030c19?s=48 keathley
9
300
C0390e8b11079f8761c0cd3274ed61cb?s=48 productmarketing
3
350
C35e01544a0dd94a2cf1619ee8a42ebb?s=48 clairelew
4
810
6bb82b13cda86d3b821fa44100335ddf?s=48 thoeni
1
210
B3ace07412a5178ea778e7eec161fc0a?s=48 jcasabona
4
290
Ef32e0b1ac5082450dc8c1fca3a26b5c?s=48 cherdarchuk
63
250k

Transcript

  1. 1.

    TALES FROM LET’S ENCRYPT BETH HAUBERT LET’S EN BETH HAUBERT

    PRESENTS
  2. 2.

    TABLE OF CONTENTS ‣ SSL OVERVIEW ‣ HOW TO GET

    A CERTIFICATE ‣ LET’S ENCRYPT!
  3. 3.

    SECURE SOCKETS LAYER (SSL)

  4. 4.

    SSL OVERVIEW • So that customers trust that a site

    is secure and that their information won’t get stolen in transit from their browser to the server. • The need for encryption is becoming the rule, not the exception as web interaction become more complex. WHY DO YOU WANT SSL?
  5. 5.

    SSL OVERVIEW • A layer of encryption is added between

    the client and the server. • This encryption uses private/ public keys and certificates that contain important info about the organization that owns the site. • A trusted third party (like Digicert or Verisign) validates the identity of the certificate and server. HOW SSL WORKS
  6. 6.

    SSL OVERVIEW • A text file with encrypted data that

    you install on your server WHAT IS AN SSL CERTIFICATE
  7. 7.

    HOW TO GET A CERTIFICATE

  8. 8.

    HOW TO GET A CERTIFICATE • Fill out a CSR

    (certificate signing request) • Send it to a certificate authority (CA) • If you’ve submitted the correct info, the CA will validate your domain and other info • Receive and install the issued certificate GET THAT CERT!
  9. 9.

    LET’S ENCRYPT! (WHAT IS IT?)

  10. 10.

    LET’S ENCRYPT • Let’s Encrypt is a Certificate Authority (CA)

    • It’s free, which is awesome GET THAT CERT!
  11. 11.

    LET’S ENCRYPT • https://letsencrypt.org/docs/client-options/ SO MANY CLIENTS

  12. 12.

    ADDING LET’S ENCRYPT TO A RAILS APP ON A HEROKU

    SERVER
  13. 13.

    LET’S ENCRYPT STEP 1: GET THE CLIENT RUNNING ▸ brew

    install certbot ▸ sudo certbot certonly --manual
  14. 14.

    LET’S ENCRYPT STEP 2: ▸ Follow the prompts until you

    see this:
  15. 15.

    LET’S ENCRYPT STEP 3: SET UP YOUR APP & VALIDATE

    URL ▸ Configure your new route ▸ Add a LETSENCRYPT key to your config file: ▸ heroku config:set LETSENCRYPT=(value) -r production ▸ Add a controller method
  16. 16.

    LET’S ENCRYPT STEP 4: ADD THE CERT TO YOUR HEROKU

    APP ▸ heroku addons:create ssl:endpoint -r production ▸ sudo heroku certs:update /etc/letsencrypt/live/ www.omeowha.com/fullchain.pem /etc/letsencrypt/live/ www.omeowha.com/privkey.pem -r production ▸ Edit your DNS using the new value.
  17. 17.

    https://letsencrypt.org/ getting-started/ http://collectiveidea.com/ blog/archives/2016/01/12/ lets-encrypt-with-a-rails- app-on-heroku/ https://opensource.com/ business/16/8/lets-encrypt