We're really excited to announce the availability of LetsEncrypt, a new security management feature we've integrated with Cloud 66. Let's Encrypt is a free, automated and open certificate authority service that's currently in public beta. The service is provided by the Internet Security Research Group, a California-based public benefit corporation, which focuses on Internet security.
How does it work?
Let's Encrypt allows you to set up a HTTPS server by running a certificate management agent on the web server. To get started with Let's Encrypt, use this getting started guide.
Let's Encrypt without Cloud 66
You can of course use Let's Encrypt without the benefit of Cloud 66's automation capability. It's worth noting that you will need to perform some additional tasks to manage the certificate renewal yourself. If you've obtained the certificate manually, you'll need to install this on your server, which will require specific knowledge of managing Nginx and the methods for handling private keys and certificates.
Let's Encrypt with Cloud 66
One of the advantages of using Cloud 66 is that we take care of all the steps for you. All you need to do is activate Let's Encrypt in your Cloud 66 account.
To do this, just follow a few easy steps:
#1 Explore Add-ins
Once you're logged-in to your Cloud 66 account, open your stack and click on the
Explore Add-ins box.
Next, select the SSL certificate box that's located in the Networking section and click on the
install now button.
#3 SSL Certificate
Web Server SSL Certificate window will pop up. Now you have an option of either providing all the standard SSL Certificate details, or click on
LetsEncrypt (Beta) link.
#4 Let's Encrypt
The Let's Encrypt Client is still in public beta, and it's recommended to first test this in a staging environment before moving to production.
Cloud 66 supports multiple domains and subdomain combinations, which you can specify in the
Domain Names box.
Note: Let's Encrypt DOES NOT support wildcards, therefore make sure you specify all your domains separately.
For example if you own the domain myawesomewebapp.io and you're running a couple of services (www, api, cms), you'll need to specify them one-by-one; www.myawesomewebapp.io api.myawesomewebapp.io, cms.myawesomewebapp.io , etc...
Cloud 66 automatically takes care of renewing your Let's Encrypt service expiration every 3 months.
Why Let's Encrypt?
Let's Encrypt was a highly requested feature on our UserVoice forum. This didn't come as a surprise, given the service has already secured nearly 2.4 million domains. Here's some of the reasons why the service is so popular:
- Let's Encrypt is free and available to anyone who owns a domain name
- The software running on your web server automatically integrates with Let's Encrypt
- It provides a platform for TLS security best practices
- It's transparent, as all certificates issued or revoked are publicly recorded and available for anyone to inspect
- The automatic issue and renewal protocol will be published as an open standard that others can adopt
- Let’s Encrypt is a joint effort to benefit the community, beyond the control of any one organization
We're delighted to be able to offer Let's Encrypt as part of the Cloud 66 service, making it super easy to secure your domains and internet traffic.
As a reminder, please visit the Cloud 66 UserVoice forum to add and upvote any new features you'd like to see included as part of the Cloud 66 roadmap.