Lightning Base

Get Started Now

  • Home
  • Tour
  • Pricing
  • Contact
  • About

Beta: Free SSL via Let’s Encrypt

Friday, February 5th, 2016 / Posted In :Company News /  By :Chris Piepho / Leave a comment

We have seen an increasing number of clients interested in SSL (https) for their WordPress sites in the past year or so, and have been working to make some updates to our systems to improve both performance and ease-of-use for SSL.

Our goal is that within the next few months there will be no reason to run sites via regular http at Lightning Base – you’ll certainly be able to, but sites will be just as fast running https, and with very little hassle during setup.

What Is Let’s Encrypt?

One piece of getting everyone running https is making it easier and cheaper to issue an SSL certificate for a site. There is an effort underway called Let’s Encrypt ( https://letsencrypt.org/ ) that has support from Mozilla, Facebook, Auttomatic, and an increasing number of companies in the hosting and general web industries. The service is in public beta, and we’ve been watching this (and hearing about interest from our clients in it) for some time.

Let’s Encrypt both issues its own SSL certs, and provides software that makes it easy to install these on a server (no more CSR and CRT files, email verification, etc).

Using Let’s Encrypt at Lightning Base

We have integrated the Let’s Encrypt service into our cPanel. This has been in internal testing for a short time and is now publicly available on all client cPanel’s. To use it, you’ll look for the Let’s Encrypt icon under the ‘Security’ section in cPanel:

lets-encrypt-icon

Clicking that will bring you to the certificate management screen. You can click the ‘Issue’ link in the bottom section to create a new certificate, or in the top section can view the Let’s Encrypt SSL certs currently installed:

lets-encrypt-cpanel

You’ll notice that certificates are only good for 3 months. This is the way Let’s Encrypt works, our system will attempt to auto-renew certs when they are 30 days from expiration. Note that a domain must be pointing at Lightning Base to issue a Let’s Encrypt certificate, due to the way they validate control of the domain.

Once a certificate is installed, you can test it by going to https://yoursite.com. If no errors occur there, you can login to WordPress, click ‘Settings’ -> ‘General’, and update both URL’s to use https. We’ll be putting up some more info about running WP all-SSL once our system-side changes (which will improve SSL performance) are in-place as well.

Why Beta? (Can I use this on my site?)

We consider this feature to be in beta for two reasons:

1. Let’s Encrypt itself considers their service to be in public beta.

2. This is new to Lightning Base, and although some successful testing has been done, we will need to see it used on client sites to be 100% sure it is ready for use by everyone.

In general, it does appear that this service is working well enough for production sites. But for important SSL certs I would wait until it has fully exited beta before going forward with a Let’s Encrypt cert.

I would also suggest that anyone testing this check their certificate expiration date after ~2.5 months. If the cert has not auto-renewed, please get in touch. It is hard for us to test auto-renewals without letting months pass, so this is the least-tested portion of the service on our end.

If all goes well, this should leave beta here within 3-4 months (I’m not sure how long it will last at Let’s Encrypt). We just need to start seeing a good number of client site auto-renewals, at which point there would be no reason to purchase a regular domain validated SSL for use at Lightning Base.

Please do let us know if you run into any problems using Let’s Encrypt during this beta

SSL at Lightning Base

Let’s Encrypt is just the first piece of our SSL revamp. We are currently testing system changes that will enable our built-in cache on https pages and provide full http/2 support. This will provide the benefits of our automatic caching to sites running SSL-everywhere, and http/2 helps minimize connection overhead and make SSL perform more like (and better than) regular http.

We will be posting additional updates on our blog/Twitter/Facebook as these updates enter beta and then roll out into production.

If you have any questions, don’t hesitate to login to https://secure.lightningbase.com and open a ticket.



Author : Chris Piepho

Chris is the founder of Lightning Base. You'll find him all over around here - writing on this blog, providing customer service, and handling whatever else needs to be done. You can reach him easily by filling out our contact form and addressing your message to Chris.

WordPress 4.4.2 Security Update Released
Public Beta Invite: HTTP/2, HTTPS Caching
Click here to cancel reply.

Leave a Reply

Post Comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Menu

  • Home
  • Tour
  • Pricing
  • Contact
  • About

Archives

  • November 2024
  • December 2018
  • June 2016
  • March 2016
  • February 2016
  • January 2016
  • December 2015
  • September 2015
  • August 2015
  • July 2015
  • May 2015
  • April 2015
  • February 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • May 2014
  • April 2014
  • September 2013
  • June 2013
  • April 2013
  • January 2013
  • December 2012
  • November 2012
  • October 2012
  • September 2012
  • May 2012
  • March 2012
  • February 2012
  • January 2012

WP Host

Lightning Base: Making WordPress faster, easier, better. Take the tour or get started today.

From the Blog

  • Mitigating the Really Simple SSL Security Vulnerability

    Note: This blog has been pretty quiet for a long time. We're looking to change that and more frequently discuss things h...

  • WordPress 5.0

    WordPress 5.0 will be released tomorrow, December 6th. This is one of the largest updates WordPress has seen in a long t...

  • WordPress 4.5.3 Security Update Released

    WordPress 4.5.3 was released today, as announced on WordPress.org. The Update This is a security update, it is important...

  • Public Beta Invite: HTTP/2, HTTPS Caching

    We've been working on changes that enable HTTP/2 and built-in caching for HTTPS sites/pages for several months now. At t...

Menu

  • Home
  • Tour
  • Pricing
  • Contact
  • About
  • Affiliates
  • Client Login

© 2020 Lightning Base LLC. All rights reserved. | Privacy Policy | Terms of Use