As a community, we're increasingly concerned about the amount of unencrypted traffic which is passing over the internet for all to see. Historically, website owners have had to pay certificate authorities to issue them with a certificate allowing this traffic to be encrypted end-to-end and many didn't see the need to do this.
Fortunately, times have moved on a little bit and a new free certificate authority, called Let's Encrypt, launched yesterday. We've been following this with great interest since it was announced last year and are really excited with how we can integrate it into the Viaduct service.
Starting today, adding SSL certificates to your domains on Viaduct is completely free. No more £10/month for a certificate or £2.50 to upload your own certificates - you can now request a Let's Encrypt certificate or upload your own without any charge at all.
What's changed then?
Anyone is now able to install a free Let's Encrypt certificate on any non-wildcard domain hosted on Viaduct. As soon as you've created the domain and pointed its DNS to us, you can enable this.
Alternatively, you can upload your own certificate for any domain without charge. This is useful if you want to use an EV (green bar) certificate or want to use SSL on a wildcard domain. Obviously, you'll likely need to pay a certificate authority for the certificate itself.
Both free & custom certificates are served to users using SNI which allows us to have multiple SSL certificates on the same physical IP address. With the depletion of IPv4 addresses, we aren't in a position to offer everyone a public IP address however if you require a non-SNI based SSL setup, you will need to purchase a public IP address. Please [contact us](mailto:(mailto:team@viaduct.io) for further information about this.
When I can use this?
It's ready now! All domains currently on Viaduct have been issued with a Let's Encrypt certificate so you should be able to just change http:// to https:// and access your site securely.
Now you have a secure site, we recommend that you redirect all non secure requests to HTTPS. You can do this through myViaduct, just go to the domain and choose the Redirect non-secure requests to HTTPS option.
I already use SSL on Viaduct
If you have enabled Standard SSL on a non-wildcard domain, it will already have switched over to a new Free SSL certificate from Let's Encrypt. You also will notice that you will no longer be billed the £10/month for this.
If you have enabled Standard SSL on a wildcard domain, it will continue to use our now legacy SSL service. Unfortunately, we cannot offer free certificates for wildcard domains so you will need to upload a custom certificate to cover your requirements in this area. We can help with this, just email us for assistance and we'll get you moved over. The legacy SSL service for wildcard domains will be disabled on 24th February 2016.
If you have uploaded your own certificate to any domain, it remains in place but you will no longer be billed the £2.50/month.
More information
You can find additional information about how each of your domains is currently configured through myViaduct. Open up the application, choose Domains and then click Details next to the domain you wish to check.
If you have any questions about any of this, please [contact us](mailto:(mailto:team@viaduct.io) and we'll be happy to assist.