Let’s Encrypt is a fantastic initiative that gives you a free SSL certificate (secure certificate) for your website. This means your site can run on https rather than http, a great step for security, customer confidence and SEO.
However, for Let’s Encrypt to issue you a free SSL certificate, you need your website to be running on it’s correct domain. Well that’s easy right? No. There’s actually a major time when this isn’t easy – when you’re launching a new replacement website. By “replacement website” I mean you already have a website running on a domain name, and you’re making a new site on new hosting for that domain. In this case, you’ll probably have your website running on a staging domain – such as staging.yourbwesite.com – yourname.yourdeveloper.com.
There’s also the times when you’re moving hosting – meaning your website might be staying the same, but it’s a new hosting account which whill ultimately house your existing website and domain.
In either case, you’ll need your old website or old hosting to be running with your existing domain right up until the moment of switch over, when you want your new website and/or new hosting up and running seamlessly.
In these situation you’ve got 2 choices.
1) You could launch your site on your new hosting without a secure certificate and as soon as it’s launched and therefore running on it’s correct domain, set up the SSL. In theory this should only be a few minutes but in those few minutes Google may tell your visitors that your site isn’t secure. If you don’t get much traffic then this probably really isn’t a big deal as it’s quite possible no one will even see the Google warning in those few minutes. But if you get a lot of traffic, then you might not like this approach as you don’t want to give your visitors a bad impression, even if it is only briefly.
2) So instead you could buy and set up a SSL certificate that isn’t from Let’s Encrypt. This is the way we always had to do it before Let’s Encrypt existed. These cost from around £30 to hundreds of pounds depending on the level of security you want, and can take a bit of setting up from your developer if they need to install it for you on the server and make it actually “work”. For a big busy website, these costs are quite minimal in the grand scheme of things and it’s an import step towards a smooth re-launch or server move. But for smaller sites, it’s an unnceccessary expense. Of course if you do opt for this approach, you could just buy the cheapest certificate available and switch to Let’s Encrypt once your site is live so you don’t have annual certificate costs.
So there you go – just something to be aware of in advance of your re-launch and something to discuss with your web developer / client so you have a smooth plan in place that everyone is happy with.