After the invitation email to the closed Letsencrypt beta a few days ago I set everything up to enable the new certificate on on my major websites:
- and a few old websites mostly to forward to the new ones
The other domains will follow as soon as whitelisted by Letsencrypt. Got the email today; done :)
The default is still HTTP because nobody except me needs to login on any of my websites and everything is public anyway. After reading this I decided to make HTTPS the default and thus enabled HTTP Strict Transport Security (HSTS) as described in this tutorial :)
The results is an A+ rating on SSLLabs.com :)
In this WordPress blog I had to change both „WordPress-Address (URL)“ and „Website-Address (URL)“ to https://…
Then I used the WordPress plugin „Search Regex“ to replace every http://-URL to images in this blog and to my other websites with https://.
Trouble with Piwik
Because of a self hosted Piwik instance I had some trouble and had to do a bit of configuration stuff in order to make https AND http work.
Instead of setting http or https in the Piwik URL one has to set it without a protocol prefix, so instead of „https://piwik.natenom.com“ or „https://piwik.natenom.com“ set it to „//piwik.natenom.com“.
If the client uses http it will use http for Piwik, too. Same goes for https.
Where to change the Piwik URL:
$wgPiwikURL in LocalSettings.php
Admin section -> Configuration -> „plugin -> piwik -> piwik_url“
- WordPress: Don’t know as there were no problems with it :)
In Piwik itself, I also added the https:// URLs to the list of valid URLs of every single website but I don’t know if this was needed.
While working on the setup of my websites I also enabled HTTP/2 (for https only).