SSL Certificates In Your Development Environment
We have recently started using SSL certificates in all our development environments, to more closely mirror production systems, which should absolutely, no exceptions, be running over SSL these days.
This is not a problem for clients who have wildcard SSL certificates, which would of course cover
dev.clientproject.com, but for small clients, new projects or even sometimes larger and less agile organisations, this is not always possible. Not to mention those small in-house projects or proof-of-concept sites which don’t warrant what is arguably a non-essential expense.
In these cases we can now fall back to the Let’s Encrypt service which has matured considerably in the last few years into a reliable and straightforward solution.
To get started we install the
certbot Python app which helps us request and renew our Let’s Encrypt certificates, on Ubuntu (16.04 in this case) with Apache. First add the repository then go ahead with installing the package and it’s dependencies.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-apache
Now we can request and install our first SSL certificate. It’s worth noting here that the domain must be publicly accessible for the Let’s Encrypt verification process to work – it doesn’t have to be running over SSL for this to happen of course. You can include additional domains by adding further
$ certbot --apache -d dev.somecrazy.com
After a series of questions you should see confirmation that your new certificate has been issued and installed, so simply restart Apache and give your site a try over HTTPS. Depending on your browser, and whether you had a certificate in place previously, you may need to clear your cache or restart your browser to receive the new certificate. Until then you may still receive a security warning, until the new certificate is downloaded.
Find out more about Certbot here: certbot.eff.org.