- Steve McNiven
Your website should have SSL in 2017, for many reasons. As the website states, Let’s Encrypt is a free, automated, and open Certificate Authority. SSL has traditionally been expensive and frustrating to setup (validation steps, etc, etc)
Lets Encrypt though takes ALL the headaches away though, certs can even auto renew for you! So lets dig into how we can get this setup in Sitefinity.
Of note is that the tool needs to generate a private key that gets validated so LE will need to be able to talk to you, so you can’t just fire up a local site with a hostfile entry, you need to resolve on a public dns. So I usually only setup LE for my public live sites, for private development I just stick to local certs.
- So step 1 is to go and download letsencryptwin, you can find the github project here, and the downloads under “releases” here.
- Download and extract the zip file to your server, it’s basically just the .exe and some config files
- In the site you want to install the cert create a new folder called “.well-known” on the root. This is where letsencrypt will create the challenge to validate your domain ownership.
- Open the commandline, run “letsencrypt --warmup”
- From the menu Choose “Create new certificate”
- Single binding to an IIS site
- Choose your IIS site (it’ll enumerate them and show the list)
- Choose Save file on local (network) path (as the validation option)
- Replace the task YES
- The last setting to specify a use is up to you if you need the task to run as someone specific.
Here’s how it should look
Done and done, you should see the cert in your IIS bindings now!
Now this of course works for just about any site, it’s not sitefinity specific
Coming in 2018 LetsEncrypt will also be issuing wildcard certificates to make your life even EASIER!
So this post isn’t “sponsored” or anything, lets encrypt is free, I just don’t want to have to keep paying for SSL, or have to get clients to go set it all up.
If you are experiencing issues with the above method, you might want to try Sitefinity 10.2 OWIN middleware integration.
Add the LetsEncrypt.Owin Nuget package, then impliment the Startup class into sitefinity from the following examples
Its really basically just the startup code and a webconfig entry, nothing complex.