Letsencrypt.org is a new project that offers free TLS certificates to allow people to encrypt their traffic.
The project is in a limited beta so I decided that a good test would be to install one of their certificates on to a Nessus scanner I host in AWS.
The install wasn’t complicated and only took about 15 minutes and 9 commands:
cd ~
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto --agree-dev-preview --server https://acme-v01.api.letsencrypt.org/directory auth
sudo service nessusd stop
sudo cp -i /etc/letsencrypt/live/scan.jerrygamblin.com/fullchain.pem /opt/nessus/com/nessus/CA/servercert.pem
sudo cp -i /etc/letsencrypt/live/scan.jerrygamblin.com/privkey.pem /opt/nessus/var/nessus/CA/serverkey.pem
sudo cp -i /etc/letsencrypt/live/scan.jerrygamblin.com/chain.pem /opt/nessus/com/nessus/CA/cacert.pem
sudo service nessusd start
Now my padlock is green and my traffic is secure: