Friday, March 18, 2016

Free SSL Certificate with Let's Encrypt

Encrypting your website's traffic is very important to protect your customer info and also get higher ranking in Google search (according to Google announcement on HTTPS). Google's search results will favor encrypted sites over those that are insecure, and the weighting that secure sites are given will only increase over time. Day by day, the websites use HTTPS are getting higher ranking than others not using HTTPS which will be alerted by famous browsers (Chrome, Firefox) as insecure website. Then you can image how it affect to your customers.

To make your website fully encrypted and authorized, normally you have to buy a "secure certificate" (SSL Certificate). This certificate, issued by a trusted third party, would then be installed on your site to confirm to your visitors that your website is encrypted (secured) and who you are.

Nothing is matter if you have $$$. But in this article, I want introduce a free solution with Let's Encrypt. To know how it works, please read this document. Basically, Let's Encrypt provides a mechanism working on top a protocol called ACME (Automated Certificate Management Environment) which allows to create your secure certificates manually then validate,  sign, install and even renew them automatically.

If you're using Debian-based OS, you can read the official document for quick start. I hope in future, Let's Encrypt will have an official tool to support Windows IIS. But to live before that time, we also have some clients (provided by third parties) to get and manage the secure certificate from Let's Encrypt if you own a Windows IIS server.

1. ACMESharp
It is an ACME library and client for the .NET platform. It uses PowerShell to configure. Read here for quick start.

2. letsencrypt-win-simple
It is built on top of ACMESharp for supporting Windows CLI instead of PowerShell. You can read its Command Line Arguments here.

3. Certify for Windows
It is an application with GUI for Windows (also based on ACMESharp) which uses the Let's Encrypt service to provide free trusted SSL certificates for websites you control.
Certify will automatically configure your website on IIS with Let's Encrypt. After creating New Certificate for your domain, let check http://{your site}/.well-known/acme-challenge/configcheck to see if you can access this file. Let's Encrypt service requires to access this file to issue a certificate for you. If you cannot access this file, you must edit web.config file in same folder or follow here to configure Extension Static Files on IIS.

Remember that the certificate only valid in 90 days. So you should renew it on time. Just open it in Certify then click Renew button.

Currently Let's Encrypt just supports single domain certificate, hope in future it can support multi-domains certificate. Let wait.

Thanks for your reading.

Tuesday, March 1, 2016

Visual Studio Code: how to work with GitHub

Visual Studio Code (VSC)  is powerful editor for developer in web app project. I like to use it in my project relating to Angular. GitHub provides public git repositories for community.

Below are steps to help you work with your GitHub from your project on VSC:

1. Install git
+Download and install GIT from:
+If you use Windows, let set PATH environment includes the folder which GIT is installed
+Check if GIT works by the command: # git --version

2. Create an empty repository on your GitHub and get its URL. To avoid errors, do not initialize the new repository with README, license, or gitignore files. You can add these files after your project has been pushed to GitHub. For example my repository is:

3. Use command line, go to your project folder. Configure your GIT global user & email (this step just is needed to do one time, you don't need to redo for later projects):
# git config --global "your email"
# git config --global "your name"

4. Open your project on VSC and initialize git repository for your project:

Or you can run the command:
# git init

5. Create a and commit all files in the folder to your repository on GitHub, below is command lines for example:
# echo "blah blah about the project" >>
# git add
# git commit -m "first commit"
# git remote add origin
# git push -u origin master

+You must replace my by the URL of your repository. Don't forget suffix .git in the end of the URL.
+Last command will require you input username & password of your account on GitHub
+Use .gitignore file to skip folders which you don't want to submit to GitHub
+Use to edit & check your, then copy & paste it to VSC

Now your project is binding with the repository on GitHub, you can use GIT function on VSC to add and commit any files when changing.

Happy codding! Welcome any comments!

Subscribe to RSS Feed Follow me on Twitter!