Let's Encrypt installation

Status
Not open for further replies.

ryansco2

New Member
Messages
3
Reaction score
0
Points
1
Hi,

Was wondering if i was able to install a ssl certificate from let's encrypt on my website?

Thank you, Ryan
 

danielle.seiley61

Member
Prime Account
Messages
95
Reaction score
3
Points
8
If you use CloudFlare, you can use their flexible SSL for free. See https://www.kolbys.net/wp-content/uploads/2016/06/free-wifi-300x202.png as an example.

The problem with Cloudflare's flexible SSL is that information sent from the your x10 server to cloudflare's server is not secure. Also the website's visitor's actions on the website is not secure. The only thing that's secure is the information your visitor receives on website that's coming from cloudflare's servers.

While this might work for some, It's not a a one size fits all solution. With my website, for example, you'll see a locked icon with an exclamation mark depending on which browser you use. Regardless though of which browser you use if you click on the symbol it will tell you that the site is not fully secure and that certain items like images are not secure.

In addition, and I'm no expert, but if I do force my site to use the https protocol then certain sites will not load in my site's lightboxes. I don't know if that is because my site's not fully secure or if their site's not secure at all.
 

lylex10h

Active Member
Messages
982
Reaction score
71
Points
28
I have created a test SSL page at http://kolbys.net/ssl.htm and checked it with:
Apple Safari 11.1
Google Chrome Version 65.0.3325.181 (Official Build) (64-bit)
Microsoft Edge 41.16299.248.0
Microsoft Internet Explorer 11.309.16299.0
Mozilla Firefox 59.0.2 (64-bit)

All browsers listed the site as secure(no exclamation mark). Can you please indicate the browser and version you are using that shows that on my test site?
 

danielle.seiley61

Member
Prime Account
Messages
95
Reaction score
3
Points
8
I have created a test SSL page at http://kolbys.net/ssl.htm and checked it with:
Apple Safari 11.1
Google Chrome Version 65.0.3325.181 (Official Build) (64-bit)
Microsoft Edge 41.16299.248.0
Microsoft Internet Explorer 11.309.16299.0
Mozilla Firefox 59.0.2 (64-bit)

All browsers listed the site as secure(no exclamation mark). Can you please indicate the browser and version you are using that shows that on my test site?

As far as I can tell your page is fully secure. However though we using different content management systems as well. I'm no ssl expert or technical expert, so I don't know what the true differences are between our sites. If you want, pm me, and I'll send you a link to my site so you can see for yourself what I'm talking about.
 

danielle.seiley61

Member
Prime Account
Messages
95
Reaction score
3
Points
8
No I haven't but since you view-sourced my link then you know that page is fully secure. However, as it stands when I open the site up to the public it won't be fully secure afterward. I'm looking into this, now...
 

wooprapp

Member
Messages
110
Reaction score
7
Points
18
No I haven't but since you view-sourced my link then you know that page is fully secure. However, as it stands when I open the site up to the public it won't be fully secure afterward. I'm looking into this, now...
How's the new Cloudflare SSL working for you buddy? :)
 

lylex10h

Active Member
Messages
982
Reaction score
71
Points
28
@alessa21 You need to use Cloudflare's name servers. Set the DNS records there and change NS at your domain registrar.
 

krixanox

New Member
Messages
3
Reaction score
0
Points
1
Do NOT rely solely on Cloudflare's SSL if you have a dynamic website - your website appears as secure only because Cloudflare's servers are giving the content back to the client via SSL - but Cloudflare does not use SSL to communicate with x10hosting's servers - it can't unless x10hosting allows for this (x10hosting can handle this for free if they actually improved their service - they can do a global SSL certificate for all the sites on the server - but as far as I'm concerned, this service is mostly dead considering they haven't posted any news since 2016).

If you do this, imo, you are commiting fraud and you are making your site and all of your users vulnerable to attacks and stolen information.
 
Status
Not open for further replies.
Top