Shortly after re-making my website I got a little obsessed with Google’s Page Insights and optimising how quickly my website loaded. Since I am using a cheap host one of the negative points was that the server response times were a bit slow.
To try and get around that (especially away from Europe where my site is hosted) I decided to try out a CDN. Cloudflare is one of the largest CDN’s and provides a free option for anyone not needing fancy tools (like personal SSL certificates). After some fairly simple configuration I had the DNS for my site pointing to some Cloudflare servers, and SSL all the way through. Both OVH (my host) and CloudFlare offer free Lets Encrypt certificates, but Cloudflare requires a separate one as they can’t do any fancy load balancing on encrypted data.
In what is probably a wise move, Lets Encrypt force SSL certificates to expire after 90 days. In another wise move, OVH won’t automatically issue certificates if your DNS zone isn’t on their network. Makes sense. Also, if your site doesn’t have a valid SSL certificate, Cloudflare will block access to it (if you have SSL enabled)… Fuck…
My site temporally became so secure, not even I could get onto it. So after more configuration, I had reverted my DNS to be provided by OVH and generated a new SSL certificate. What Lets Encrypt are doing is really good, there is now no reason not to have a valid SSL certificate for your domain. However, it’s not as simple as it could be, anyone getting SSL issues like this would be tempted to give up on the whole thing.