I don't know if this is the right place to post this, feel free to redirect me.
I am a student in computer science and I am working on a website. Naturally I will need a domain name and ssl/tls certificate to use the HTTPS protocol. I can get a cheap domain name at google for only 12 bucks per year, so that's not an issue. I am just not sure about where to get the ssl/tls certificate. I saw that Let's Encrypt is a non profit organization, does that mean I can get a certificate for free?
I don't mind paying a small amount (naturally I don't have a huge budget since I am still studying). Any help and pointers are much appreciated!
Well, no, it doesn't mean that--non-profits can and often do charge for their services--but it's nonetheless true that Let's Encrypt certs are free.
But even prior to the material Osiris posted, how are you going to be hosting this website? Are you going to be running your own server (whether on your own hardware or someone else's, like a VPS host)? Or are you going to be using a web-hosting service? Because if the latter, they'd often take care of the certificate for you, so you'd want to look for one that includes Let's Encrypt (or other free) certs in their hosting plan.
Well, I am currently using react for the frontend and django as backend. I just deployed the frontend to firebase which is free up until a certain point. For the backend I am still looking for a solution, I don't think there would be a lot of users at the start, so I think it is a viable option to host the backend at home on some old computer as I can't seem to find a (cheap) solution for hosting a django backend which also requires mysql. Although, I am not sure what the actual cost will be for one, electricity (I imagine running a pc 24/7 will contribute to the bills) and two, internet cost (though, there will only be text transfer, no video's).
Oh, yea, ofcourse, so I see two solutions then, either use some hosting platform that already has the certificate, or host it myself and make sure I get the certificate in order to support a connection of https
Note also that yo can host static content with your own custom domain on github pages or cloudflare pages and they'll sort out the https for you, you would then just need to maintain the backend (if it's an API). If you're using server side rendering for your html that's a bit more involved but there are probably still free ways to achieve that.
You can generally get cheap linux based vm for about $3.50 USD per month (AWS lightsail) if you need to do something with processing and a database etc.
well I am a student too but I am hosting my website and testing it as a hobby only
btw, straight to the point for hosting, I used many free hosting providers but I didn't like any cause of some limitations or other causes now I am using Azure free tier ( free for 12 months ) to host my website on Azure VM, if you want I can help you to get Free VM for hosting and Free TSL/SSL with Let'sEncrypt it's just too easy believe me
interesting, I didn't know that. Where can I get more info about this? I need to put my react somewhere, but also django, I believe react is static content? I am not sure. Django probably not as it manages a database.
Sure. What technologies are you using? I am working with react frontend and django backend, currently looking for a place to put django, though I am thinking about hosting it at home. So I would need to make it work with django on some local machine. Currently looking into certbot, which unfortunately does not permit me to get a certificate for an ip or localhost (which I guess makes sense).
I am still learning a lot and I just want to mess around, the only reason why I am trying to get a certificate is because my react code apperently won't set a cookie if it is not coming from an https, even though both servers are running on localhost...
It can be static (just html and javascript loaded into the browser) or server side rendered e.g. node js is on the server to pre-process requests dynamically so that the HTML for your page is "hydrated" after initial load to inject the additional components it needs to be dynamic.
Django is server side python and runs on your server and is indeed dynamic.(needs a server you control).
@Plegeus I recently got a VPS for 90 cent (euro) per month. 1 vCPU, 1 GB RAM, 10 GB SSD. Scaleway calls it stardust, and it has pretty limited availability -- it's IPv6 only, of course. You can save a lot of money if you don't need IPv4.
So no TLS required indeed.