In the modern internet age, delivering web content over a secure protocol has become essential.
Since January 2017, Google attaches a warning label to any website that does not secure sensitive web page content by delivering it using HTTPS. This includes web pages that contain forms asking for usernames, passwords, credit cards and other sensitive information.
In the near future Google plans to roll out a requirement for all web pages to be secured. Warning labels will become progressively more aggressive, and eventually highlighted in red, bold colors on the address bar.
It is easy to see the consequences of not complying with this new requirement. You invest time, money and energy to drive traffic to your website. Your users expect a secure browsing experience and will likely be deterred from using your page when they see such warning labels attached.
There is a common misconception that securing a webpage over HTTPS requires expert server knowledge and is a costly and cumbersome process.
The purpose of this course is designed to teach you everything you need to know about HTTPS and SSL certificates. We start with the basics. Exploring the theory and definitions that will be useful in developing your understanding.
From there, we dive into configuring a server on Digital Ocean and installing a free SSL certificate known as Let’s Encrypt. We also explore setting up Cron Jobs on an Ubuntu server, to automatically renew your certificate periodically.
After completing this course, you will easily be able to secure any web page using HTTPS and free SSL certificates.
This lecture introduces many key topics such as:
This lecture introduces students to the three main types of SSL certificates. This includes:
We explain how each can be distinguished through a unique set of attributes.
This lecture explains how SSL certificates encrypt and decrypt data using mathematical hash values, and a public and private key pair. We also explore the digital signature, and it's important role in making sure a certificate is not fraudulent or altered.
This lecture explains in theory, how a certificate is obtained and verified through a Certificate Authority and our local system.
This lecture introduces students to Let's Encrypt. A free public authority that issues SSL certificates using Domain Validation. We explain the benefits of Let's Encrypt and some important information about this revolutionary new service.
Students learn to change name server settings in their domain registrars admin panel to point to Digital Ocean.
Students learn the signup process on the Digital Ocean website.
We explore several server configurations offered by Digital Ocean.
Students learn to create a droplet (Virtual server) using the Digital Ocean admin panel.
Students learn to connect to their newly created Digital Ocean droplet using Terminal for MAC or PuTTY for Windows.
Students learn to convert their Droplet into a web server using LAMP Stack (Linux, Apache, MySQL, PHP).
Students learn to configure DNS settings using the Digital Ocean Dashboard. We demonstrate how to ensure a specified domain name points to the desired droplet.
Students learn to configure a host name and date/time settings on their Digital Ocean droplet.
Students learn to install the Let's Encrypt client and use it to install a Let's Encrypt SSL Certificate.
Students learn to check the validity status of their newly installed certificate.
Students learn to redirect all domain name variations, such as: www, ip address, http://, to the https version of their website.
Students learn to automatically renew their certificate using "cron jobs" in Ubuntu's Crontab.
This Quiz should be taken after all modules are completed. The questions cover a broad range of topics covered in each lecture.