Free SSL Certificate, Let’s Encrypt

While I was first launching this blog, I already got an SSL certificate from StartCom. It doesn’t bother me much rather than the renewal every year. But a couple of days ago, Chrome still didn’t recognise the certificate after I renewed it. After some search, I realised StartCom get themselves banned by Chrome and Firefox.

So I went to research again and found the CA I’m currently using, Let’s Encrypt.

Differ from StartCom, Let’s Encrypt has a program can be run directly on the server to get a certificate and auto-configure HTTPS (didn’t work though), which is much easier.

According to the doc, all I had to do was just downloading and then running.

    chmod a+x certbot-auto

Unfortunately, it doesn’t recognise my Nginx settings, so I had to get certificate firstly and configure it myself manually

    ./certbot-auto certonly

During the run it will promote to let you enter the domain name and the root of web server etc., you can refer the official site( for detail. But in general, it was pretty easy and nice.