Zero Issues Left

If you've been paying attention to this site you may have noticed that posts have been showing up rarther far and few between. The main reason for this quiet period is I've been cramming away at my largest Drupal project to date. The MyTime time clock project for my full time employer; ARISE Child and Family Service. This project wille eventually be published on Drupal.org, but it needs a bunch of polishing before it's ready for that. As of today (4-7-16) all the custom contrib modules, custom entities, and fields are ready to be populated. This project has filled most of my time for the last 249 days. Live user testing starts tomorrow. 

This project integrates custom drupal entites for employee, job, client, and punch data with the Twilio API through several custom modules. The Twilio API allows us to accept incoming phone calls to collect the needed data to process payroll for remote employees. The site can also capture the same data through web based punches. Automated exception checking for, overages, overtime, late punches, forgotten punches and other issues allows managers to react quickly, previously these issues could only be found by manually checking thousands of paper timesheets each week from the Agency's growing staff base (currently in excess of 800). The system

Lets Encrypt - Free Domain Verified certificates for everyone.

Let's Encrypt LogoI've begun the process of moving all the sites I host to HTTPS. I was lucky enough to get a Beta Program invitation for the Let's Encrypt project. I used their ACME client to verify domain control and issue a certificate. I was impressed by how easy the process was. The project is scheduled to move into general availability in the middle of November 2015.

I've been participating in the community support section of the LetsEncrypt.org site for a few weeks now and have seen a few issues from people trying to issue certificates who were not "technical" people. While the ACME client can do many of the technical parts of the process, such as configuring Apache, verifying the domain, getting the certificates, and reconfigure Apache to use them, the process can be kind of intimidating. One of the first issue I saw was users trying to use the ACME client to get certificates for domains the own but host on shared hosting systems. Since the ACME client requires command line access, as of now, I don't see any reasonable way for these people to use an automated certificate issuance system.

After experimenting with the system I've come up with my best practices for issuing certificates, installing them, and serving them. I'll detail my process here.