SSL Certificate

A SSL certificate is used to authenticate the identity of a server and to encrypt communications between the server and clients, ensuring data confidentiality and integrity.

Rationale

While proper SSL support is not strictly required, a valid SSL configuration is significantly more convenient than having to add individual SSL exceptions in the browser or modifying configurations to allow insecure connections.

Options

Four options are possible considering SSL certificates, with their pros and cons:

SSL Certificates (untrusted)

	Asustor built-in	Self-signed
Price	🟩 Free	🟩 Free
Trust in browsers	🟥 None, causes warnings [1]	🟥 None, causes warnings [1]
Validity period	🟩 10 years	🟩 User defined, usually 10 years
Automation	🟩 Fully automated	🟥 Server setup required [1] [3]

SSL Certificates (trusted)

	Let’s Encrypt	Commercial
Price	🟩 Free [2]	🟥 Paid [2]
Trust in browsers	🟩 Trusted	🟩 Trusted
Validity period	🟩 3 months, automatically renewed	🟩 At least 1 year
Automation	🟥 Server setup required	🟥 Server setup required [3]

Conclusion

For these reasons, owning a domain that can be administered via an API and using Let’s Encrypt certbot makes it possible to obtain valid SSL certificates without browser warnings, at minimal cost.

Warning

This tutorial uses Let’s Encrypt certbot with a user selected bought domain. Using, and configuring, any of the three other options is left as an exercise to the reader.

Footnotes

[1] (1,2,3)

Client manual setup required; browser warning is present until the root certificate is imported into each browser.

[2] (1,2)

Additionally, requires a domain name, which has a yearly cost.

[3] (1,2)

Server setup is required for each renewal, which can be yearly in the case of a commercial certificate.