Can anyone please recommend a reputable place to get an SSL cert? I have a bunch of Web sites showing "Not Secure" and it's effing annoying. Thanks, Keith
I use Let's Encrypt mainly and also recommend it. If your websites/apps are already on AWS, I recommend AWS Certificate Manager (ACM) which also gives free SSL certs.
My vote goes for Let's Encrypt aswell. Also depends where you host your websites maybe check the ssl certs on your hosting provider or if you have your own server Let's Encrypt is your best choice.
I think it's OK to use a self-signed certificate for internal sites (e.g. behind VPN and you or only members in your organization are the only ones using it). The "Not secure" warning on your browser won't go away with a self-signed SSL certificate, but your traffic is still encrypted. But I think OP's issue is with a public site that he/she is hosting, so they need a verifiable certificate authority.
So this was a huge help. I host about 20 sites on the side, and I'm migrating them off my GoDaddy hosting. They recommended I purchase Business hosting for about $650/year, which comes with a cert for all hosted sites. Instead, I set up nginx on an AWS Ubuntu instance, created a cert via letsencrypt, and manually installed by editing nginx.conf. voila! Everything up, running, and secure at a fraction of the cost. Furthermore, I now understand the cert creation and installation process. I really appreciate the recommendation.
Just to be sure you crossed all the T's - the certs have a lifetime of 90 days, so I'd recommend you set up some kind of autorenewal process. Something like adding this to your Ubuntu instance's crontab: ``` 15 3 * * * /usr/bin/certbot renew --quiet ``` Alternatively I've had good experience using Traefik in lieu of nginx and Traefik also performs auto-renewal for you.