Enabling Let’s Encrypt in MobileTogether
MobileTogether Server, the backend hub for apps built in MobileTogether Designer, now supports the ability obtain SSL certificates using Let’s Encrypt. Let’s Encrypt is a free service aimed at encrypting all HTTP traffic on the web. This feature is supported in MobileTogether Server starting with version 5.1 and adds to the ability to upload your own certificate.
The video tutorial above walks you through configuring MobileTogether Server to utilize SSL encryption when communicating with MobileTogether clients. It covers the use of both Let’s Encrypt and certificates generated using a trusted certificate authority.
SSL certificates generated using a trusted certificate authority can be uploaded directly to MobileTogether Server. This configuration can provide several advantages to system administrators. These types of certificates are typically good for a much longer period of time, requiring fewer maintenance windows. In addition, you can keep your MobileTogether Server completely isolated from the outside world as this method does not require any external ports to be opened. The process to obtain these certificates can be much more complex and expensive. Verification typically requires you to provide information to the issuer and wait for a response which can delay your implementation.
Let’s Encrypt integration was added in MobileTogether 5.1. Let’s Encrypt is a certificate authority whose goal is to provide encryption to the entire Internet. Certificates generated are free of charge. Unlike other methods of generation, though, Let’s Encrypt certificates are only good for 90 days. MobileTogether Server is capable of automatically renewing these certificates every 60 days, but requires a scheduled server reboot each time this action occurs. Lastly, Let’s Encrypt requires your server to be accessible from the outside world; they will need to communicate with MobileTogether Server on port 80 to verify your server’s identity.
The ability to encrypt communication between client and server is becoming ubiquitous. MobileTogether allows you to easily secure all communication to your mobile clients using SSL encryption and new support for Let’s Encrypt greatly reduces the set up complexity.