Some Minor Site Changes

I recently purchased a real SSL certificate and now everything on this site is encrypted with TLS. The TLS settings even get an A rating from Qualsys SSL Labs because I disabled insecure ciphers, set up secure Diffie-Hellman key exchange, enabled HSTS, and did some other customizations. I went with a Comodo SSL certificate which was pretty pricey, but it’s what Adam Langley uses for his Imperial Violet website which I trust a lot. I found Seth Vargo’s site to be very helpful on how to configure nginx with SSL/TLS settings that are easy to set up and secure.

As always:

There should be zero noticeable impact on these changes other than that you’ll get a green HTTPS protocol notification when loading pages on this site in your favorite web browser.