Moving to HTTPS

October 5th, 2017
https, tech
About a year and a half ago I added HTTPS support to my sites but kept them running on HTTP for the time being. Chrome plans to eventually mark all HTTP pages as "Not secure", however, and HTTP is in fact not secure, so today I decided to switch over to HTTPS as the default.

Since Ubuntu 16 LTS ships with a very old version of the Let's Encrypt client I followed their instructions to move to a recent version. Then I put the following in my root crontab:

28 11 * * * certbot renew --quiet --post-hook "service nginx restart"

This runs the command daily at 11:28, which is a time I chose randomly. Random is good here: it keeps the load on the Let's Encrypt servers more consistent.

This tells the client to renew whatever cert I currently have, which I had originally generated with:

sudo letsencrypt certonly
   --webroot
   -w /var/www/    -d www.jefftk.com
                   -d     jefftk.com
   -w /var/www-fr/ -d www.freeraisins.com
                   -d     freeraisins.com
   -w /var/www-lw/ -d www.lilywise.com
                   -d     lilywise.com
   -w /var/www-tc/ -d www.trycontra.com
                   -d     trycontra.com
   -w /var/www-aw/ -d www.annakaufmanwise.com
                   -d     annakaufmanwise.com
   -w /var/www-oc/ -d www.olivercumming.com
                   -d     olivercumming.com
   -w /var/www-bd/ -d www.bidadance.org
                   -d     bidadance.org
   -w /var/www-rs/ -d www.regularlyscheduled.com
                   -d     regularlyscheduled.com
   --email jeff.t.kaufman@gmail.com
   --agree-tos

To switch over to HTTPS I've put:

server {
  listen 80 default_server;
  server_name redirect_to_https;
  return 301 https://$host$request_uri;
}

in my nginx config and removed all my listen 80 directives.

Since I'm still not 100% confident in my HTTPS setup I've put listen 8080 directives for each of my sites, so that it's possible to visit www.jefftk.com:8080 etc over HTTP.

Comment via: google plus, facebook, substack

Recent posts on blogs I like:

Linkpost for September

Regular announcements: did you know you can hire me for life coaching and general consulting? You can also buy my novella Her Voice Is A Backwards Record wherever fine books are sold (except Google Books).

via Thing of Things September 8, 2025

Against the Teapot Hold in Contra Dancing

The teapot hold is the most dangerous common contra dancing figure, so I’ve been avoiding it. The teapot hold, sometimes called a "courtesy turn hold,” requires one dancer to connect with their hand behind their back. When I realized I could avoid put…

via Emma Azelborn August 25, 2025

Little Puppy

She's very little and she likes to do stuff with me. She also likes to bark around and run around and jump around. She also likes to go to places with me and that's all I have.

via Nora Wise's Blog Posts August 23, 2025

more     (via openring)