Randomize

Richard Tallent’s occasional blog

SSL, Finally

Another “finally” post.

I’ve wanted to convert this blog and my main site to SSL for a while. I don’t do financial transactions through my sites, but some of the latest web tech (such as service workers and push notifications) requires SSL. Google seems to be heading in the direction of prioritizing secure web sites in its search results, and I also don’t want someone else’s ISP to inject ads on my site, recompress my images, etc.

But I’m also cheap, so I’m not paying for a cert for a web site with such low traffic. So I turned to the Let’s Encrypt “certbot” tool, which provides short-term certificates for any web site. The problem has been that, at least for me, I couldn’t get their damned tool to work with Apache on OS X. I have about a half-dozen virtual hosts on this server – my sites, my wife’s site, and some random personal projects I’ve played around with – and certbot simply can’t seem to handle configuring Apache correctly.

Today, Delanea is helping a friend move and the kids are with my in-laws, so I finally had a chance to sit down and futz around with the various *.conf files to get SSL enabled and all traffic forwarded from http to https.

If you’re reading this post using an RSS reader, please drop me an email at richard@tallent.us. I just want to be sure that the combination of redirects I’ve been making moving from WordPress to Hugo and now to secure URLs hasn’t massively broken everyone’s feeds. If you want to update your feed to the latest and greatest URL and avoid some redirects, here’s the URL:

https://blog.tallent.us/index.xml

I no longer have category-based feeds with Hugo, and any blog-related URL off of www.tallent.us is no longer active.

The next challenge will be automating certbot (which did at least create the certificates) to update the certs every few months so the site doesn’t go down. Them’s the breaks using a free certificate, I guess.

