Author

Topic: If you have a Bitcoin website or you are starting one get a FREE SSL (HTTPS) (Read 913 times)

newbie
Activity: 56
Merit: 0
Just curious, we can use that in any site, does that mean it is like any open source stuff available for everyone on internet to use & can be used securely to keep information or any hacking away!  Roll Eyes
legendary
Activity: 1778
Merit: 1043
#Free market
In the Bitcoin community we love crypto, that also includes loving https, bitcointalk.org, blockchain.info, bitstamp.net, bitcoin.org, all of them are using HTTPS right now.
Now you can also get a SSL certificate for your website for free (Yes, free as a free beer, forever) going to https://startssl.org

To setup and install it for free I recommend reading this tutorial:



# How To Set Up Apache with a Free Signed SSL Certificate

-> https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-with-a-free-signed-ssl-certificate-on-a-vps

Note: it does not matter your provider, you dont need a server at digitalocean, it works in any Dedicated Server or VPS




Now that you have HTTPS in your website you should redirect http:// to https:// using this code in your .htaccess
Code:
RewriteEngine On
 RewriteCond %{HTTPS} !=on
 RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]



Also if you want enable HSTS to avoid SSLstrip attacks including this code in your .htaccess:
Code:
Header set Strict-Transport-Security "max-age=31536000" env=HTTPS

Thanks, I'll use this SSL in one of my sites!
W-M
full member
Activity: 210
Merit: 100
In Crypto we Trust.
It works in FireFox(i.e. Gecko) just as well as in other browsers. However, StartSsl is slow to update their OSCP entry for your site. As FireFox uses this to see if your site is absolutely safe, it takes +- 24 hours after getting one of their certificates until  FireFox will display it properly.


Although their site is a little clunky, I really like StartSSL and their service. I've been using the free certificate for https://last-mail.org, where it works perfectly.


About the tutorial:
-You do not need Google Chrome at all to perform these steps.
-Many web servers have a hosting packet such as cPanel, which greatly reduce the amounts of steps to take. There are also tutorials available on the site of StartSsl itself.
rme
hero member
Activity: 756
Merit: 504
ssl , by firefox..it is free

What are you meaning?  Huh
rme
hero member
Activity: 756
Merit: 504
StartSSL is good for starters, but I wouldn't recommend it long term. It's root certificate isn't fully trusted on all browsers. So you'll likely get the little yellow warning, which can make people think it's not trusted. I know on Firefox you can't browse a site with StartSSL unless you add its root authority to the certificate store manually. The free version has no validation or verification at all. Any scammer can get one, this is why it's not trusted fully.

Nope, works perfectly with firefox, I use it in some websites.

Also the verification is done with an email to webmaster@domain just like everyone else do (I mean cheap certificates, 30$ or less).
full member
Activity: 1498
Merit: 146
StartSSL is good for starters, but I wouldn't recommend it long term. It's root certificate isn't fully trusted on all browsers. So you'll likely get the little yellow warning, which can make people think it's not trusted. I know on Firefox you can't browse a site with StartSSL unless you add its root authority to the certificate store manually. The free version has no validation or verification at all. Any scammer can get one, this is why it's not trusted fully.
rme
hero member
Activity: 756
Merit: 504
In the Bitcoin community we love crypto, that also includes loving https, bitcointalk.org, blockchain.info, bitstamp.net, bitcoin.org, all of them are using HTTPS right now.
Now you can also get a SSL certificate for your website for free (Yes, free as a free beer, forever) going to https://startssl.org

To setup and install it for free I recommend reading this tutorial:



# How To Set Up Apache with a Free Signed SSL Certificate

-> https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-with-a-free-signed-ssl-certificate-on-a-vps

Note: it does not matter your provider, you dont need a server at digitalocean, it works in any Dedicated Server or VPS




Now that you have HTTPS in your website you should redirect http:// to https:// using this code in your .htaccess
Code:
RewriteEngine On
 RewriteCond %{HTTPS} !=on
 RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]



Also if you want enable HSTS to avoid SSLstrip attacks including this code in your .htaccess:
Code:
Header set Strict-Transport-Security "max-age=31536000" env=HTTPS
Jump to: