Ever since my recent deep-dive into SSL and online security, I have worked to give all of my sites certificates so that user data can be securely encrypted while in transit to my server. Part of my motivation comes from an amazing podcast series called Security Now.

I host several sites on my server, and I did not want to pay a certificate authority for certificates just so I can protect my users' data. Thanks to my recent experience in issuing SSL certificates using a custom certificate authority, I now have the means to generate certificates for all of my sites so that they all trace their trust to a single root certificate. Therefore, any users wishing to encrypt their data on my sites need only to mark my root CA certificate as trusted—assuming my users do indeed trust me.

If you trust me and wish to use high-grade1 SSL encryption on my sites, check out how on my new secure access setup page.

Excluding trust issues, my Qualsys SSL Labs score is an A:

<a href="/assets/2014/11/qualys-report.pdf">
  <img src="/assets/2014/11/qualys-summary.png" class="figure-img img-fluid rounded" alt="Qualsys SSL Labs Server Test Report Summary">

I’m still in the process of setting up, but soon all of my sites will work on both HTTP and HTTPS. The parts of sites that transmit personalized, user-specific data will soon be available through HTTPS-only.

  1. I use 4096-bit RSA keys with 256-bit signatures and ephemeral elliptic curve Diffie-Hellman key exchange parameters. ↩︎