Tales from the Let's Encrypt

2ccd8593c0f2ac6c9b91ee79bff5b63f?s=47 Beth Haubert
August 16, 2016
Programming
0
47

Tales from the Let's Encrypt

2ccd8593c0f2ac6c9b91ee79bff5b63f?s=128

Beth Haubert

August 16, 2016
Tweet

More Decks by Beth Haubert

See All by Beth Haubert
2ccd8593c0f2ac6c9b91ee79bff5b63f?s=48 bethanyhaubert
1
320
2ccd8593c0f2ac6c9b91ee79bff5b63f?s=48 bethanyhaubert
1
100

Other Decks in Programming

See All in Programming
C95cdabc569dc4c7750d776687f66037?s=48 yutannihilation
0
130
5a6d5ee0a806157d4b8d214194d9ee91?s=48 takayukifujisawa
3
120
04df7340898eac3a0536d3b47c55501c?s=48 hirotokirimaru
0
130
1405a601755e5fcbfdc93a2560368bb1?s=48 freddi
2
200
55517518e318b28906211d115c24208b?s=48 clyang
0
610
127f2573f14072eba29ccb60506663eb?s=48 madai0517
3
270
A4d1023b1de7890c67a083d14573882d?s=48 ktgrstsh
1
1.2k
9f3a83db74bee75a64b5e6ed106a775c?s=48 twada
5
740
C4b9a181d7fb82642b4c8c1df6ae2b87?s=48 louvre2489
1
170
Ae276805027a01983503c3edafbdb6b2?s=48 martysuzuki
4
1.2k
3499a1d71fa70b8ee44816ca9e7329fe?s=48 bells17
1
100
7e0087a19318ded4ba2203187694740f?s=48 christianweyer
0
110

Featured

See All Featured
7cbd3f5f922d798cc312eaf596de7ae6?s=48 iamctodd
10
1.4k
5f2da528927a2ec9ba4fec2069cbc958?s=48 kneath
218
14k
9128d500301ae51524e887bb680f471d?s=48 caitiem20
304
16k
A0517b08532aec8ab2aae3f65d40ad86?s=48 hannesfritz
26
870
5b9fe87ec1faa67a4599782930f45ec9?s=48 sstephenson
145
12k
C44e1f7e22c3f23cff7bc130871047ef?s=48 eileencodes
112
24k
Bfd6b681ec6e8c9bef82ff0521c364f7?s=48 kastner
52
1.8k
F57e2136eb9895eb95ff5dc8a1c02677?s=48 zakiwarfel
87
3.2k
651dcfe41723207fbb0aa044a4f7c07f?s=48 dotmariusz
94
5k
E14f55d3f939977cecbf51b64ff6f861?s=48 keithpitt
399
20k
64827b31aef81498662e8af4bd6d5157?s=48 jonrohan
1020
360k
3d4519fd34b76fb265fc0237f3792bd4?s=48 danielanewman
1
320

Transcript

  1. TALES FROM LET’S ENCRYPT BETH HAUBERT LET’S EN BETH HAUBERT

    PRESENTS

  2. TABLE OF CONTENTS ‣ SSL OVERVIEW ‣ HOW TO GET

    A CERTIFICATE ‣ LET’S ENCRYPT!

  3. SECURE SOCKETS LAYER (SSL)

  4. SSL OVERVIEW • So that customers trust that a site

    is secure and that their information won’t get stolen in transit from their browser to the server. • The need for encryption is becoming the rule, not the exception as web interaction become more complex. WHY DO YOU WANT SSL?

  5. SSL OVERVIEW • A layer of encryption is added between

    the client and the server. • This encryption uses private/ public keys and certificates that contain important info about the organization that owns the site. • A trusted third party (like Digicert or Verisign) validates the identity of the certificate and server. HOW SSL WORKS

  6. SSL OVERVIEW • A text file with encrypted data that

    you install on your server WHAT IS AN SSL CERTIFICATE

  7. HOW TO GET A CERTIFICATE

  8. HOW TO GET A CERTIFICATE • Fill out a CSR

    (certificate signing request) • Send it to a certificate authority (CA) • If you’ve submitted the correct info, the CA will validate your domain and other info • Receive and install the issued certificate GET THAT CERT!

  9. LET’S ENCRYPT! (WHAT IS IT?)

  10. LET’S ENCRYPT • Let’s Encrypt is a Certificate Authority (CA)

    • It’s free, which is awesome GET THAT CERT!

  11. LET’S ENCRYPT • https://letsencrypt.org/docs/client-options/ SO MANY CLIENTS

  12. ADDING LET’S ENCRYPT TO A RAILS APP ON A HEROKU

    SERVER

  13. LET’S ENCRYPT STEP 1: GET THE CLIENT RUNNING ▸ brew

    install certbot ▸ sudo certbot certonly --manual

  14. LET’S ENCRYPT STEP 2: ▸ Follow the prompts until you

    see this:

  15. LET’S ENCRYPT STEP 3: SET UP YOUR APP & VALIDATE

    URL ▸ Configure your new route ▸ Add a LETSENCRYPT key to your config file: ▸ heroku config:set LETSENCRYPT=(value) -r production ▸ Add a controller method

  16. LET’S ENCRYPT STEP 4: ADD THE CERT TO YOUR HEROKU

    APP ▸ heroku addons:create ssl:endpoint -r production ▸ sudo heroku certs:update /etc/letsencrypt/live/ www.omeowha.com/fullchain.pem /etc/letsencrypt/live/ www.omeowha.com/privkey.pem -r production ▸ Edit your DNS using the new value.

  17. https://letsencrypt.org/ getting-started/ http://collectiveidea.com/ blog/archives/2016/01/12/ lets-encrypt-with-a-rails- app-on-heroku/ https://opensource.com/ business/16/8/lets-encrypt