If we care about the security of our site, encrypting our traffic should be a no-brainer. The configuration is quite simple. Use ssl.enable = "enable"
to enable SSL, and ssl.pemfile
to point to our public or private key pair.
If we can afford to pay for a certificate, there are many options on the market, which will provide optimal security and are trusted by most browsers (and, in effect, users). Otherwise, a self-signed key pair created with openssl req
is enough to encrypt our traffic.