Let’s Not Encrypt

Oh, so you thought since I’ve “gone pro” I wouldn’t be posting any more angry rants on the blog. Yeah, well I thought that, too.

…until this morning, when I tried to get an SSL certificate for my website.

First let’s go ahead and answer the question of why the hell I would do that.   This is a blog, not a bank, hospital, eCommerce website or government entity.    Why do I need to encrypt my traffic with an SSL cert? I don’t. But having one makes things look more professional. Plus:

  1. I support the idea of encrypting EVERYTHING. Because reasons.
  2. Google has announced that they will flag unencrypted sites as unsafe in their Chrome browser and may in the future penalize non-ssl sites in search rankings.
Your Connection to this site is not secure.
Well, Damn.

Fortunately, there is a service called Let’s Encrypt that will provide free SSL certificates to anyone who asks. Not only that, the process of obtaining the cert is simple and quick, unlike how it was the last time I looked into getting one. With that, the only thing preventing me from encrypting this website’s traffic was my own laziness.

So off I go to Let’s Encrypt…. and Here Come The Shenanigans. It seems that only certain web hosts support the “simple, easy” process of obtaining the free cert. Surely since my web host (Hostgator) is one of the more popular ones they must be on the rather long list of supporters. Ah, yes, they ARE on the list! At the bottom. Where it says “waiting/delayed”. Wha-huh!?

Fine, let’s check out Hostgator’s website and see what they say. I’ll skip the technical details just summarize what I found. Yes, I can get a free cert. But I can’t INSTALL it on my own, and Hostgator wants to charge for the job. As far as I can tell, my options are thus:

  1. Pay my web host $40 a year for an obviously non-free SSL cert.
  2. Pay my web host $10 every few months (every time the cert renews) for the privilege of using a free cert because they have to install it for me.
  3. Upgrade my hosting package (costs vary) so that I can install the free cert myself for free.
  4. Change web hosts (costs unknown, but then there’s the time/energy involved in a server move) so I can use the free cert for free.
  5. Fuck off and forget about the whole thing.

In other words… free isn’t free for me because I’m a cheap-ass. Great. No, really. I’m perfectly fine with this. Or, I would be if Google wasn’t pushing the SSL issue, trying to turn it into something webmasters HAVE to have to avoid penalties even if there is literally nothing on a website that needs to be encrypted. But they ARE doing that. So now I’m pissed.

And don’t misunderstand; this isn’t a matter of money. I can pay hostgator. I can change web hosts. But shouldn’t HAVE to do EITHER of those things, because I shouldn’t HAVE to get an SSL cert for a damned blog.

So who should I be pissed at here? My hosting company for trying to make money? I am 100% happy with their service, and the few times I’ve interacted with them have been smooth. They are both cheaper AND better than my previous two or three hosting companies. I have no real reason to leave OR upgrade. Only fake reasons. Actually just the one fake reason.

Should I be mad at Google for trying to force something good (something I actually agree with) onto the internet? Hmmm, let’s move on while I think on that…

Should I be mad at myself for not wanting to pay more for a higher level of service or spend hours/days moving to another webhost when I’ve got more important things to do? All for something I don’t even need?

Or maybe I should be mad at myself for believing for a second that “free” actually meant free, despite having lived on this planet long enough to know better. Apparently I’ve reached the age where I have to be reminded of simple things.

Yeah, I think you see which way I’m leaning here. So screw it. I’m out. My search engine rankings are garbage anyway. When I eventually change hosts or upgrade my hosting service for some REAL reason, I’ll get a cert. Until then…

To Hostgator: Meh, whatever. I get it. Capitalists gonna capitalize.
To Google: You guys can fuck right off with your bullshit. And this is from someone who’s on your side. A writer’s blog does not NEED to be encrypted. A small business owner should not be penalized, even a little bit…. even IN THEORY… for not wanting to pay (with money and/or time) for a totally unnecessary “free” ssl cert. So fuck you.

3 thoughts on “Let’s Not Encrypt

  1. For every small website that gets boned on rankings for not getting a “free” SSL cert, Google should have to pay the costs of doing so…

    Yeah, I know. Unicorn farts and whatnot.

  2. Hmmm.

    It sounds like you support the idea of encryption all the time.
    But that takes someone’s time and effort. So not expected to be free?

    So just gets under your skin by the feeling they’re underhandedly saying free, it sounds like.

    Yeah, I can see that.

    1. Yeah, I do support and strongly encourage encryption, even when it isn’t necessary. Encryption should be the default for internet communication… but it should happen voluntarily. The folks at Lets Encrypt are providing a hell of a service in making it free and easy. I just happen to be part of the minority(?) that can’t use it.

      As I said in the post, I’m fine with my webhost being “greedy” as long as SSL encryption doesn’t become a requirement. But then Google decided to throw their weight around.

Leave a Reply