-
Learn how to secure your sites with HTTPS using SSL certificates.
All websites should be using secure connections over HTTPS by default. Web browsers have evolved and warn users whenever sites allow insecure connections. At the same time, the Let's Encrypt project has made it easy to install SSL certificates for free. In this course, instructor Kevin Skoglund explains what an SSL certificate is, how it is used to encrypt communications between a server and a browser, and how to choose the domain scope and validation type. He demonstrates how to install free certificates from Let's Encrypt using Certbot or install purchased certificates from a traditional certificate authority. He shows how to configure the web server to default to HTTPS and how HSTS directives can tell browsers to always use HTTPS.
Overview
Syllabus
-
Introduction
- Why SSL certificates are essential for every website
- What you need
- What are SSL certificates?
- Handshakes and cryptography
- The urgent need for HTTPS
- Certificate authorities (CAs)
- Free certificates with Let's Encrypt
- Self-signed certificates
- Certificate types
- Certbot
- Install using Certbot
- Install using a hosting provider
- Certificate signing request (CSR)
- Sign up for an SSL certificate
- Install on Apache
- Install on NGINX
- Install on hosted web servers
- Redirect requests to HTTPS
- HTTP Strict Transport Security (HSTS)
- HSTS preloading
- Expiration dates
- Renew Let's Encrypt certificates
- Next steps
