Guys this is big news, if you are a python developer, you will Love to have Let's Encrypt built in your PAAS. with PythonAnywhere reporting on its newsletter:
Let's Encrypt is a project supported by the Linux Foundation to help secure the web by providing free HTTPS certificates for any domain you own. Its certificates are just as good as ones that you pay for in almost every way -- the only downside is that you have to renew them once every few months rather than once a year. (That's also a security feature, of course, because if someone steals your private key then they can only impersonate you for a few months rather than a year. But it is a little inconvenient.)
The post went on saying that PythonAnywhere use HTTPS by default when you have a pythonanywhere domain but if you have configured a custom domain then you most either give them the certificate or you can get to use Let's Encrypt, giving you additional instructions for the process:
Basically clone a sample project, extract their certificates, which are already filled with most of the default information and just add:
mkdir -p ~/letsencrypt/wellknown
cd ~/letsencrypt
Once you have that just need to reload your webapp. Remember to replace YOURDOMAIN with the name of the domain.
You'll also need your pythonanywhere site to be able to serve static files from your wellknown directory. Head over to web app tab and set up a new mapping:
- Static URL: /.well-known/acme-challenge
- Static Path: /home/YOURUSERNAME/letsencrypt/wellknown
Now we need to actually request a certificate:
~/dehydrated/dehydrated --cron --domain www.yourdomain.com --out . --challenge http-01
To get your certificate installed email support@pythonanywhere.com to let us know that you want us to install your certificate. Include your username, the directory path, and the domain name and we'll do the rest.
And that's it. Let's Encrypt is so awesome, I use it as much as I can and I think setting it up is quite simple. Even better when is supported.