Switching to https with Let's Encrypt

  |   Source

As you may have noticed, the blog is now being served as a secure, encrypted page with the help of a fresh TLS certificate from Let's Encrypt.

Let's Encrypt

Ever since I first learned about this initiative supporting a more secure and privacy-respecting web, I wanted to use such a certificate for my blog. The immediate enthusiasm was slowed by the realization of the very short lifetime of the certificates and so the idea was left dormant for a while. With a validity of only three months, some sort of scripting infrastructre is needed to ensure that the certificates are renewed in a timely fashion and back then I didn't see an easy solution ready in a few minutes. Luckily enough, my web space provider Hostsharing eG integrated Let's Encrypt in a completely seamless fashion in the last weeks. All I needed to do was to tick the "Let's Encrypt Zertifikat" option in the HSAdmin web interface, specify the valid sub-domains and a few minutes later the website started serving the certificate.

Admittedly it took a little longer to find out why Firefox kept complaining about blocking mixed content on the TLS connection replacing the icons in the left hand panel by empty rectangles. Debugging the problem showed that the icons are in fact individual "characters" in an off-site font referenced by my chosen Nikola theme. Switching the template HTML to load the fonts also over https finished the transition.

Comments powered by Disqus