We recently covered the way to switch your DreamHost hosted site to HTTPS with the help of CloudFlare. If you’d rather not use CloudFlare, there’s now another way to get the green lock on your site for free – Let’s Encrypt.
Let’s Encrypt is a new certificate authority that was setup to help make encrypted websites the de-facto standard of the web. They recently entered public beta, and DreamHost has already added the option of using Let’s Encrypt certificates to their web panel. To get one for your domain, log in to your DreamHost panel, and go to Domains > Secure Hosting.
We at Tech Orbiter will continue to use CloudFlare’s certificate for a number of reasons (HTTP/2 support, CloudFlare performance enhancements, DDOS protection, etc), but we have switched to Let’s Encrypt from a self-signed certificate in the backend. This future proofs the site if we decide to stop using CloudFlare for some reason (to be honest, that seems very unlikely). We have also changed the CloudFlare Crypto settings to “Strict” for better security between CloudFlare and the origin DreamHost server.
If you’ve been on the fence about switching to HTTPS, now might be the time to make the switch.