The elves at Scalingo have been working hard to end the year 2016 in beauty. The gift they left at the foot of the Christmas tree is a wonderful Let’s Encrypt certificate for all your custom domains! TLS Certificates are mandatory to ensure your applications can be accessed through HTTPS, hence they make the web a safer place to live. Anyone listening on the network would only get some encrypted-scrambled data, nothing readable.
What is Let’s Encrypt?
Getting a valid certificate has always been a difficult and expensive task. Many steps were required such as:
- add a custom domain to your application
- ensure that your DNS settings targets our infrastructure
- create an RSA key pair
- convert in PEM format if needed
- create a signing request with the correct information
- submit the generated request to an external certificate authority
- paying for this authority to sign your certificate
- notice that you made a typo in the domain name. Get back to first step
- upload the certificate along with the private key to Scalingo
- test your app and realize that your browser display an error when accessing the HTTPS version of your website
- understand what certificate chains are
- bundle all the certificates into one file
- and finally upload it along with the private key to Scalingo
These steps used to be manual and error prone.
Since year 2015, the Internet Security Research Group have started working on a protocol to automate the certificate management: Automated Certificate Management Environment (ACME) and the associated Certificate Authority: Let’s Encrypt.
With this Certificate Authority launched in April 2016, the management of certificates is now free and can be fully automated thanks to APIs.
On our way to ease the life of developers, we are happy to release today the automatic creation and renewal of certificates for every custom domains on Scalingo!
Let’s Encrypt on Scalingo
The way we implemented it on Scalingo is as simple as possible:
- add a custom domain to your application,
- ensure that your DNS settings targets our infrastructure,
and… that’s it!
Here is an example view of the “Domains/SSL” tab on the dashboard:
Go to the HTTPS address of your new domain name and enjoy a free, fully encrypted connection to your website:
If you already have a domain name linked to your application, we already generated a certificate for it. In short, HTTPS is everywhere on Scalingo!
With Google improving SEO ranking of website accessible through HTTPS and Apple forcing every iOS applications to use HTTPS connections, HTTPS is definitely how you want your website to be accessible.
If you want to keep using your custom certificate signed by a different certificate authority, you can still add it.
With this new Let’s Encrypt deep integration in our platform you can see our full commitment to a safer web and to really make developer’s life easier without them bothering about system administration.