A digital certificate allows users of a web service to verify the identity of the service and to securely communicate with it. FreedomBox can automatically obtain and setup digital certificates for each available domain. It does so by proving itself to be the owner of a domain to Let's Encrypt, a certificate authority (CA).
Let's Encrypt is a free, automated, and open certificate authority, run for the public's benefit by the Internet Security Research Group (ISRG). Please read and agree with the Let's Encrypt Subscriber Agreement before using this service.
The communication with your FreedomBox can be secured so that it is not possible to intercept the content of the web pages viewed and about the content exchanged.
If your FreedomBox is behind a router, you will need to set up port forwarding on your router. You should forward the following ports:
TCP 80 (http)
TCP 443 (https)
Make the domain name known:
In Configure insert your domain name, e.g. MyWebName.com
Verify the domain name was accepted
Check that it is enabled in Name Services
Go to the Certificates (Let's Encrypt) page, and complete the module install if needed. Then click the "Obtain" button for your domain name.
After some minutes a valid certificate is available
Verify in your browser by checking https://MyWebName.com
Screencast: Let's Encrypt
The certificate is valid for 3 months. It is renewed automatically and can also be re-obtained or revoked manually.
With running diagnostics the certificate can also be verified.
Upstream project: https://letsencrypt.org
User documentation: https://letsencrypt.org/docs/