Tsohost Blog, News & Announcements

Cloud update - Free Let’s Encrypt SSLs now supported

Posted Monday 09th Jan, 2017 by

22 Comments

We’re excited to announce the availability of Let’s Encrypt SSL Certificates; the fast simple and free way to protect websites hosted on our Cloud Hosting platform. In this post we look at everything you need to know about Let’s Encrypt and why now it’s more urgent than ever to make the move to https;

What you need to know about Let’s Encrypt

Let’s Encrypt is a free, automated and open certificate authority which provides domain-validated security certificates. Run by Internet Security Research Group (ISRG) Let’s Encrypts primary goal is to create a more secure and privacy-respecting web by making https more accessible and user friendly.

Here’s how Let’s Encrypt Certificates work:

- It’s free

- Easy installation

- Enables https

- Domain validated

- Trusted by major browsers

- Renews automatically every 90 days

What is https

Hypertext Transfer Protocol Secure (HTTPS), unlike its http counterpart is a communications protocol which provides a secure connection between a site and a visitor’s web browser, meaning any data shared is encrypted and safe from prying eyes.

Why it’s more important than ever to move to https

For security and Google.

First and foremost, https makes your website secure for your users. If your website does not use https, data sent between it and your users can potentially be intercepted, monitored or even altered by a 3rd party as it traverses the internet.

Security is a top priority for Google and back in August 2016 they announced https would to be used as a ranking single to encourage webmaster to use encryption. Continuing their mission for a safer web, from this month Google will highlight all sites which collect passwords and credit card data without https encryption as ‘Non-secure’ to visitors. You can learn more about this update here.

To avoid penalties we recommend you make the move to https as soon as possible. We’ve created a short guide to show you how to enable https with Let’s Encrypt on a site hosted on our Cloud platform.

Installing a Let’s Encrypt Certificate

Head to your Cloud control panel now to install a Let’s Encrypt Certificate in just a few click. We’ve made it simple to install an Let’s Encrypt SSL with instructions within the panel, but to ensure installation goes without a glitch, we’ve also created a step by step guide.


Leave A Comment

I am still rather hoping that Aliysa, the (Tsohost Staff); who appears to be picking up responsibility for guiding customers through this will add some words of wisdom for the none techies as referred to in Kevin Smith post.

I have tried using the recommended WP Force https plugin, but when enabled my site is red flagged as unsafe. Do I need to combine free Let’s Encrypt Certificate in addition - if so how do I do so. (You host the DNS for the site)
Any assistance would appreciated in order I can re-activate the plugin; thank you in advance.
Mark

Got the scout group website shifted over. Took only tool about 5 mins for the certificate to be issued.
After that, the main problem was finding the mixed content. For the none techies, it would be good if the one click operation included installation and set to work of the WP Force https plugin and the change that the plugin needs to make to the wp-confif.php file.

Also a quick guide to finding unsecured content on the website, I had 8 pictures which were blocked as they were still referenced by http://.. when that was sorted my broken padlock turned to a nice green closed one.

Once again, many thanks for the free charity hosting.

@ Kevin - For the minute Let’s Encrypt is only available on the Cloud with no firm plans in place to extend to cPanel. As soon as I hear more about this I will get in touch.

@ Suzanne - Yep, you have nothing to worry about here, all outside links will still work.

Are there any plans to extend this to include cpanel hosting?

Hi, One of my clients has just tried to attempt this and it appears to have broken the site? It’s all jumbled up now eezyloads.co.uk
Does it take a few hours to kick in or work straight away?
Thanks

This is great news, thanks.

One question though, how do we go about adding Let’s Encrypt SSL to a sub-domain?

This is what I’ve been waiting for from TSOHOST once I knew you were participating in the project.

Does enabling ‘Lets Encrypt’ automatically redirect to HTTPS for non Wordpress websites?

I believe there are SEO implications and Facebook like implications as they see HTTP and HTTPS as separate pages. Could you explain what extra steps can be taken to minimise the impact of switching.

Great work - well done

If I add this to my sites, (making the web address start https://) will any old outside links to the http:// sites still work?

@ Alison - While both our SSLs and Let’s Encrypt offer the same level of encryption there are some differences which are particularly beneficial for enterprise businesses. You can learn more about the key differences here: https://www.tsohost.com/knowledge-base/article/1029/what-are-the-differences-between-let-s-encrypt-and-the-other-ssls-available If you decide to swap to a Let’s Encrypt cert theres no need to make the move until your current cert has expired. I suggest you login to your my.tsohost to cancel your certificate - this will stop it auto renewing :)

@ David -Good questions, I’ll do my very best to answer them -

Once implemented, what happens to outside links to the website? Will these still work?
Enabling LE won’t disrupt your site at all. You can add a redirect from http to https in your htaccess.

Will Google automatically update their links in search results?
Google should pick this change up.

And will Google search console and analytics need to be updated manually?
Info regarding SC and GA can be found here: https://support.google.com/webmasters/answer/34592?hl=en

Is it necessary to use Let’s Encrypt if I don’t have users sending information to my website i.e. it’s just an information site? is there other reasons for using it? thanks

Our website already has an SSL Certificate.  Would I be better to replace that now or wait until it’s due to renew before implementing this?
Just so I can be sure I’m understanding this correctly, basically you’re offering something free that up until now I’ve paid for.  It sounds amazing, if so, but almost too good to be true!  Any downsides to swapping to this?

@ Nathanael - After a little Google search it looks like Let’s Encrypt is supported. You can learn more here: https://stripe.com/docs/security

@ Elliot - To stop your SSL from renewing you’ll need to login to your my.tsohost account and cancel the product. Hope this helps!

This is really great news, I was hoping you would offer this. Thanks.

Your step-by-step guide is really good, but I have some questions:

Once implemented, what happens to outside links to the website? Will these still work?

Will Google automatically update their links in search results?

And will Google search console and analytics need to be updated manually?

@ Graeme - Yes, our team can install a Let’s Encrypt Cert on your VDS. If you’d like to go ahead with the install I kindly ask that you send a request to support@tsohost.com. Replacing your current SSL may be an option but It depends on your priorities and the type of business you run - to get a better idea of which SSL is best for you I suggest you read the key differences between the Let’s Encrypt and other SSLs: - https://www.tsohost.com/knowledge-base/article/1029

Is this only for the cloud or does it work on VDS too? Could it replace our SSL certificate we pay £70ish a year for?

Great, how do I stop my existing one from renewing next year?