4elements web design & consultancy



  • like 2 25

    Using Let’s Encrypt SSL With Your WordPress Project

    What's Let's Encrypt?

    For years, purchasing, renewing, installing and managing SSL certificates overwhelmed me with expense and complexity. Now, Let's Encrypt makes it fairly simple and free.

    Let’s Encrypt is an emerging, free, automated, and open certificate authority brought to you by a California public benefit corporation called the Internet Security Research Group—it also has nonprofit status. 

    Its goal is to make HTTPS become the default Internet browser protocol to ensure greater privacy and security on the web. Mozilla and the Electronic Frontier Foundation are two of its platinum sponsors:

    Whats Lets Encrypt Platinum sponsors

    Let's Encrypt entered public beta in December, so I can now easily guide you through exploring its services.

    In this tutorial, I'll walk you through installing Let's Encrypt on a few of my websites, including my WordPress consulting website,, soon to be https://.

    Before we get started, please remember, I do try to participate in the discussions below. If you have a question or topic suggestion, please post a comment below or contact me on Twitter @reifman.

    Let's Encrypt Feature Summary

    Let’s Encrypt runs on Python working with Apache to automate certificate registration and renewal, simplifying the process of activating HTTPS capability for any website, including WordPress.

    Here are the key benefits that Let's Encrypt delivers:

    • Free: Anyone with a domain name can register a trusted certificate without cost.
    • Automatic: An Apache web server can easily acquire a certificate, securely configure it, and automatically manage renewal.
    • Secure: Let’s Encrypt will advance TLS security best practices, both as a Certificate Authority and by helping sites maintain secure servers.
    • Transparent: All certificate transactions are publicly recorded and available for inspection.
    • Open: The automatic issuance and renewal protocol will be published as an open standard.
    • Cooperative: Let’s Encrypt is a community effort to benefit everyone.

    Installing SSL With Let's Encrypt

    Let's begin by updating my server, Apache Ubuntu.

    If you don't have Git installed on your server, it's best to have it to install Let's Encrypt:

    Once installed, clone the Let's Encrypt software into the Apache opt sub-directory for third-party applications:

    First I experimented with installing Let's Encrypt on my Fever news reader application, not WordPress. I host it at

    The Setup Wizard

    To begin, you'll be asked for your email address:

    Lets Encrypt Installation Email Request

    Then shown the Terms of Service:

    Lets Encrypt Installation Terms of Service

    Let's Encrypt gives you the option of offering HTTPS as a secondary option or directing all traffic to HTTPS:

    Lets Encrypt Select HTTPS mode

    You're done in minutes:

    Lets Encrypt Congratulations

    You'll also be shown some notes on certificate expiration and renewal:

    Installing on WordPress

    To install Let's Encrypt SSL on my WordPress consulting site, it was just as easy. There was just one minor difference. I asked Let's Encrypt to support the www sub-domain as well:

    You can go visit it now, either HTTP or HTTPS, you'll end up here,

    Lets Encrypt Lookahead Consulting

    SSL Reports

    You can go to sites like Qualys SSL Labs to get a site report on your SSL capability:

    Lets Encrypt SSL Qualys Labs

    Here's the authentication page:

    Lets Encrypt SSL Qualys Labs Authentication

    Certificate Auto-Renewal

    Auto-renewal is pretty simple too. First, we grab the renew script and give it execution privileges:

    Lets Encrypt Set up auto renewals

    Then run the script for each domain:

    And you can set up a cron job to run regularly:

    Add this line:


    I did run into a few quirks that I thought I'd share. When I installed SSL for my old Community Starter open-source project (both root domain and www), Let's Encrypted gave this error:

    I had set up a wildcard alias in my conf file:

    This change fixed it, adding an alias for www holdouts:

    Then the home page embedded Vimeo video failed:

    Lets Encrypt Vimeo Not Working with HTTPS

    I just had to change the iframe to the Vimeo player to use HTTPS:

    Problem solved:

    Lets Encrypt Vimeo Working with HTTPS

    In Closing

    I'm very impressed with the community goal Let's Encrypt has delivered on with quality and ease. Web publishers everywhere will benefit from simple, free SSL. Thank you EFF, Mozilla, and Let's Encrypt!

    Lets Encrypt Donate

    You can donate to either Let's Encrypt or EFF to support this work:

    You can learn more technical detail about their software here. Let's Encrypt also has a well-structured community forum:

    Lets Encrypt Community Forum

    What's Next?

    Let's Encrypt is actively working on finishing its first public release:

    We have more work to do before we’re comfortable dropping the beta label entirely, particularly on the client experience. Automation is a cornerstone of our strategy, and we need to make sure that the client works smoothly and reliably on a wide range of platforms.

    To keep up with the latest code, just update your git tree occasionally:

    My primary WordPress site runs with Varnish 3.x currently. This doesn't work out of the box with Let's Encrypt. I will probably spend some time soon tracking down a solution for that.

    In the meantime, if you're looking for other utilities to help you build out your growing set of tools for WordPress or for code to study and become more well-versed in WordPress, don't forget to see what we have available in Envato Market.

    If you have questions, please post them below. Or you can contact me on Twitter @reifman. Please check out my Envato Tuts+ instructor page to see other tutorials I've written, such as Cloning WordPress in Linux (in 90 seconds).

    Related Links

    martijn broeders

    founder/ strategic creative bij 4elements web design & consultancy
    e-mail: .(JavaScript must be enabled to view this email address)
    telefoon: 06 38 55 28 54

Per - categorie

    Op - datum