Browse This Blog Over HTTPS!
Posted on January 08, 2015 in misc • 1 min read
Just a heads up to any security-conscious visitors: this blog is now browsable via HTTPS! Well, I did actually have a SSL certificate installed on my VPS for a while, but I didn't bother fixing up all the HTTP-only links scattered around my blog until now (which I've "fixed" by turning most of the links on this blog into relative URLs instead of absolute ones). The end result that this site is browsable via either normal, unencrypted HTTP, or via encrypted HTTPS.
Please let me know if there are any glaring issues that I've not yet noticed.
And yes, I'm using a StartSSL certificate. I'm not a fan of them ever since Heartbleed and their subsequent refusal to waive fees for revoking potentially compromised SSL certs, but there's no other widely accepted CA who offers free SSL certificates (and by "accepted", I mean CAs with their root certificate installed on most systems by default). I'm hoping that the Mozilla-backed Let's Encrypt initiative works out, but in the meantime I'm fine with using StartSSL.