I've been blogging for 23 years as of today.
This is also the first day this blog is being served up via
All I had to do was just install the latest version of Apache on my server.
It took several days,
but I got the latest version of Apache compiled and installed on my server.
I did it the hard way.
What better way of knowing how things work than doing it the hard way.
I then spent Saturday updating the configuration.
There were a few changes,
NameVirtualHost being deprecated,
and having to add “
Protocols h2 h2c http/1.1” and “
Require all granted”.
Once that was done and the new server was up and running,
then I dove into the whole “Encrypt All The Things!” rabbit hole
(I know, I know, 2015 called and said I was late to the party).
A recent post of mine made it to The Orange Site and fully half of the comments were about the disturbing lack of
faith TLS I had.
Apache has a module to handle certificates from Let's Encrypt
(or others places that support the “certificate update dance” protocol).
there are subtleties not mentioned in the documentation.
(which I need for my setup—don't ask)
not being documented.
Or the fact that if you make any type of mistake
(like using the wrong domain name because you cut-n-paste the configuration from one host into another and forgot to make the domain name change,
or using “
SSLEngine on” in the wrong place,
or forgetting to add
acme-tls/1 to the
everything goes pear shaped and Let's Encrypt will rate limit and … ugh.
I'm just lucky I have a few domains to practice on before enabling it for my main sites.
But I was able to finish in time for the 23rd anniversary of my blog and get that stupid little lock on my site.