Now supporting SSL

Lock-iconI just finished installing an SSL certificate on JakeSavin.com. The main reason was to prevent impersonation and man-in-the-middle attacks while I'm editing or administering my site. I was using SSL to connect to my WordPress admin interface already, but with a self-signed certificate that produces warnings in the browser (in addition to not being as secure as it should be). Now that I have a CA-backed certificate, the warnings go away.

There are a some additional benefits to this:

  1. API clients like dedicated blog editing apps, that validate SSL certs (as they all should when connecting securely) should now work, though I have yet to test this.
  2. Anyone who visits my site can request the secure URL, and get an encrypted connection to protect their privacy. They can also be reasonably sure that they're actually visiting my real site and not an imposter—not that I'm actually worried about imposters.
  3. Google (at least) has started ranking sites that fully support SSL higher in their searches. Not that I'm really big on SEO for my site, but it's a “nice-to-have” feature.

See also: Embracing HTTPS (Konigsburg, Pant and Kvochko)

If you see any problems, please let me know via a comment, tweet or some-such.

 

One Comment

  1. Jake Savin said:

    If you have a Synology NAS as I do, you can follow these instructions for obtaining a free certificate from StartSSL.com, and installing it on your Synology NAS.

    The key you create by copying and pasting code from StartSSL.com into a .key file, is your encrypted private key. You’ll need to decrypt the key for uploading to your NAS via the Synology DSM.

    Here’s the shell command for creating the public key:

    openssl rsa -in server.key.secure -out server.key

    You will be prompted for the password you used when you created the private key, and the public key file (server.key) will be generated by openssl.

    Here’s Synology’s tutorial on securing your NAS with SSL:
    https://www.synology.com/en-us/knowledgebase/tutorials/464

    ps. I did end up importing the StartSSL intermediate certificate, since seeing a warning that some browsers would need it.

    November 29, 2014
    Reply

Post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.