Self Signed & Free Certificates
====================================================================================
Self-Signed Certificates
- Generated using OpenSSL: You can generate these certificates yourself without any cost.
- Not Trusted by Browsers: Browsers and operating systems do not recognize self-signed certificates as trusted because they are not signed by a recognized Certificate Authority (CA). This results in security warnings when users visit your site.
- Use Cases: Self-signed certificates are typically used for internal testing, development environments, or intranets where trust can be manually configured.
Let's Encrypt Certificates
- Generated using Let's Encrypt: Let's Encrypt is a free, automated, and open CA that provides SSL/TLS certificates.
- Trusted by Browsers: Certificates from Let's Encrypt are recognized and trusted by all major browsers, ensuring that users won't see security warnings when visiting your site.
- Automation: The process can be automated using tools like Certbot, which handles the issuance and renewal of certificates.
- Free: These certificates are provided at no cost.
====================================================================================
LetsEncrypt
------------------------------------------------------------------------------------------------------------------------------------------------
Apache
https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-centos-7
Running certbot for a single domain
sudo certbot --apache -d example.com
Running certbot for multiple domains (or subdomains)
sudo certbot --apache -d example.com -d www.example.com
------------------------------------------------------------------------------------------------------------------------------------------------
Nginx
Generate a certificate to be manually installed
certbot certonly -manual -d example.com -d example.com --webroot -w /path/to/doc/root