
LetsEncrypt

Paul edited this page Sep 10, 2019 · 1 revision

Let's Encrypt SSL Certificates

If you are exposing a server to the internet for services like IFTTT, encrypting your communications with an SSL certificate is a good idea. Fortunately, the Let's Encrypt project provides a free way to do this.

We will be using the certbot client from the Electronic Frontier Foundation.

Before beginning installation of certbot, ensure you have port 443 forwarded through your firewall to the IP of your TCPLightingWebInterface host.

Certbot has a prepackaged app for Raspbian that can automatically configure Apache to use the new certificate.

Install the package

sudo apt-get install python-certbot-apache

Auto Configure Certificate and Apache

Running this next command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it.

sudo certbot --apache

If you did the advanced configuration with virtual hosts, certbot will automatically find the hostname you configured. Otherwise, enter your hostname (e.g. tcplighting.hopto.org) when prompted.

Answer the remaining questions asked by the installer to continue.

Automating renewal

The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:

sudo certbot renew --dry-run

The cron file is automatically created in /etc/cron.d.
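To confirm from outside that the renewal job is keeping the served certificate fresh, the following added example (not part of the original wiki or the TCPLightingWebInterface project) connects to port 443 with full chain and hostname verification and reports how many days remain. The 30-day threshold mirrors certbot's default renewal window; it, the function names and the sample date are assumptions of this example.

```python
import socket
import ssl
import sys
import time

RENEW_WINDOW_DAYS = 30  # assumption: alert once certbot should already have renewed
SAMPLE_NOT_AFTER = "Dec  9 12:00:00 2019 GMT"  # constructed sample, not a real certificate


def days_remaining(not_after, now=None):
    """Whole days until notAfter (string format returned by ssl getpeercert())."""
    expires = ssl.cert_time_to_seconds(not_after)
    now = time.time() if now is None else now
    # Floor division: one second past expiry already counts as -1 day.
    return int((expires - now) // 86400)


def classify(not_after, now=None, window=RENEW_WINDOW_DAYS):
    """Return OK, RENEWAL_OVERDUE (inside the renewal window) or EXPIRED."""
    left = days_remaining(not_after, now)
    if left < 0:
        return "EXPIRED"
    if left < window:
        return "RENEWAL_OVERDUE"
    return "OK"


def fetch_not_after(host, port=443, timeout=10):
    """Handshake with chain and hostname verification; return the leaf's notAfter."""
    ctx = ssl.create_default_context()  # verifies the chain and the hostname
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()["notAfter"]


if __name__ == "__main__":
    # Usage: python3 check_cert.py <hostname>
    host = sys.argv[1]
    try:
        not_after = fetch_not_after(host)
    except ssl.SSLCertVerificationError as exc:
        # Untrusted chain, wrong hostname, or a certificate that already expired.
        print(f"{host}: INVALID ({exc.verify_message})")
        sys.exit(2)
    state = classify(not_after)
    print(f"{host}: {state}, {days_remaining(not_after)} days left ({not_after})")
    sys.exit(0 if state == "OK" else 1)
```

Run it from a machine outside your network so the check also exercises the port 443 forward; a non-zero exit status makes it easy to hook into a monitoring job.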

You are now ready to move on to the WebInterface Install.