Security: Webserver HTTPS with Self Signed Certificate Do it yourself in 5 Minutes!!

Today the Point of Security and encrypted Webserver Communication is rolling over every User who hosts own Websites on the Internet. Last decades HTTPS was only used by Online Login Pages like Shops and Banks to verify the Communication between a User PC and the Website. But after January 2015 the most Search Engines like google decides to force index of Websites with HTTPS Protocol. The Background is that a TLS encrypted Connection isn’t easy to track and to force „drive-by-load-Viruses“ to the Website Visitors.

Self Signed Certificate Sample
Self Signed Certificate Sample

But a lot of Webmasters of the Opensource Community were angry about this handling. Thats is not real problem if you won’t buy a SSL/TLS Certificate. Every Webmaster can create a self signed Certificate on his Webserver if he is able to login via ssh and to config the Webserver like Apache. Self signed Certificates are warned by the Webbrowsers at the only first view, but if the User wants to install the Certificate the Browser isn’t warning next visits!

The Search Engines like Google don’t check the trust of the Certificates by the robots and so your Site will be good placed on the Index like the last decades. The ONLY thing is that you MUST move all Files,Images, Internal Links and Bookmarks to „https://“  that the „LOCK“ of the Browser Dialog is „CLOSED“  and „GREEN“ like on the Picture .

Of course if you want, you can buy and install „Domain Name Trusted“ Certificates, but if you only host private Websites/Blogs you won’t really pay over 100$ per Year for the Certificates.

Advantages:

  • Secure Login to your Site/Blog
  • Encrypted Transfer of Data
  • Security for your Visitors
  • No Drive-BY-Loads
  • Less Content Stealing

You will remark next years that the internet will be moved to HTTPS!

To create a Certificate use „OPENSSL“ with this command,answere the Questions of the Script, later put the Certificates .crt and .key to /etc/ssl/.. and tell Apache to pull them there!

$sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout mysitename.key -out mysitename.crt

Change System Crypt Password Debian Ubuntu LVM Full Encrypted System

Solution:
The new NEW Password must be set before you delete the old!

– open Console!
– Login as root! with #sudo -s
– enter #cryptsetup -y luksAddKey /AddKey /dev/sdaX
– System prompt for old Password, enter it now!
– then enter new password min 8 Characters
– System should show „Command Successful“
– if not search error!!!!
– now delete old Password! 8 different Words can be saved! cause 8 Memory Sockets available by cryptsetup
– enter to delete #cryptsetup luksDelKey /dev/sdaX 0
– 0 = First-Memory Socket !!
– enter new set Password to open Socket-Database
– System must show „Command Successful“
– if not retry! DO NOT REBOOT if FAILS!! YOU WILL LOSE DATA!!
– If you on one day lose GRUB Bootloader boot with
Install CD and take Recovery Mode this allows you to
reach and encrypt Disk! But only with successful password
set!!!

Do ALWAYS full encrypt EVERY Mobile PC/Laptop! you get it
easy with Debian-Install-CD – Expert-Mode! (Fast-Setup 12Minutes)
Office PCs should be encrypted too!

For Super Security google for USB-Tokens for Linux! You can setup
this Token and Password to encrypt Systems!

Cause a PC / Laptop is cheap but your Data/private Images are priceless!!