ZeroSSL is now easier to use

Four years ago, I wrote a blog post about how to install a free Let’s Encrypt SSL on a GoDaddy cPanel hosting account. It was by far the most popular post I’ve ever written. The first step of that process was to use ZeroSSL, a web based tool for obtaining a Let’s Encrypt certificate.

Since then, ZeroSSL has become even easier to use. You now begin by creating a free account to use the service. Once you’ve done that, it walks you through the steps for obtaining the certificate and key. 

Authentication is also easier. Instead of having to copy and paste two different content strings and filenames and creating files yourself to upload via ftp, you now have a couple of different choices. One is to authenticate through email. Frankly, I have not had much luck with this approach and have not received the requested email. The alternate method is to download one file to upload to the directory  /public_html/.well-known/pki-validation/ . The file is ready made and doesn’t require a text editor to create it. 

An advantage of having a ZeroSSL account is that your certificate is saved on your dashboard and is available for download after the fact, in case you make a mistake. Also, you now receive an email notice when your certificate is about to expire and you need to renew it. The process is so smooth now, it is easier than ever to avoid paying GoDaddy $64 per year, and instead do it yourself.

How to install a Let’s Encrypt SSL on a shared GoDaddy hosting account

SSL certificates have become a more highly visible topic lately due to Google’s policy announced last September to begin marking pages without SSL certificates as “not secure” in the Chrome browser, the most popular browser in use today. This policy is to take effect in January 2017.

Luckily, a certificate authority called Let’s Encrypt came on the scene last year with the express purpose of promoting encrypted internet connections by providing SSL certificates for free. 

However, obtaining a certificate from Let’s Encrypt and getting it installed on a web server isn’t always an easy task for the average user. The level of difficulty varies from hosting service to hosting service. Here is a list of hosting providers who offer Let’s Encrypt support. Many hosting services would rather sell subscribers an SSL they issue at prices ranging from $39 to $150 dollars per year, and therefore it is in their interest to make using Let’s Encrypt difficult or impossible.

My hosting service, GoDaddy, is not on the list of services that support Let’s Encrypt. However, it is possible to install a Let’s Encrypt SSL certificate on a GoDaddy shared hosting account with a little work. First, you need to have a Linux account, of which there are two types: Classic and cPanel. You can only do this with a cPanel account. GoDaddy seems to want to encourage the migration to cPanel, so they actually offer a free cPanel account for one year to current holders of a classic account. This is the entry level account that only supports one domain. If you have a Classic account, GoDaddy provides good instructions for converting to cPanel.

Once you are set up on cPanel, you can install the SSL certificate. Unfortunately, GoDaddy’s instructions for doing this are rather obtuse and, in some cases, outdated or contradictory. After some trial and error, I hit upon a fairly simple method of accomplishing this. The nice thing about this method is that you don’t need to do anything at the command line level on the GoDaddy server, which can be very daunting for anyone not experienced with Linux.

Step One

Go to ZeroSSL, a browser based interface for getting a Let’s Encrypt SSL. Click on “Online Tools”, then start the “FREE SSL Certificate Wizard”.  Follow the instructions, and you will end up with the following files: a) a domain key, b) a domain CSR (certificate signing request), c) an account key, and d) the domain certificate. As part of the process, you will be asked to create two files with encrypted file names and encrypted content to put in sub-directories of the root directory of your hosting account. The path will look like this: /public_html/.well-known/acme-challenge/  These are the files that are used to prove that you have ownership of the website. The easiest way to do this is with an FTP client like Filezilla. You may have diffuculty creating these sub-directories with the built in cPanel File Manager. Edit: When requesting the certificate at ZeroSSL, be sure to specify both as well as as a subdomain.

Edit: Since this was first written, the process at ZeroSSL has been significantly improved. See this post.

Step Two

Now go to the cPanel for your domain on GoDaddy, scroll down to the Security section, and click on SSL/TLS. Under “Install and Manage SSL for your site (HTTPS)”, click on “Manage SSL sites”.  There you will see a fairly simple form where you provide the following information: a) the domain, b) the certificate, c) the private key, and d) the certificate authority bundle. Items b, c, and d are all things you received from ZeroSSL.  A couple of important points: Included as parts of the certificate are the beginning and ending markers, e.g. “—–BEGIN CERTIFICATE—–” and “—–END CERTIFICATE—–“. If you don’t include these, you will get an error saying the certificate is not valid. Also, the certificate you get from ZeroSSL has two parts, the actual certificate and the Certificate Authority Bundle (CABUNDLE). These are each marked with beginning and ending tags. They will need to be put into two separate boxes on the form. Once you have filled in the form, and you have an indication that the content is correct, click on “Install Certificate”, and you are finished.

You should now have a secure site. You may need to check your site to make sure that internal links reference https instead of http for everything to work right. If you are running WordPress, as I am, you can install a plug in like Easy HTTPS (SSL) Redirection that will take care of these chores for you. All you need to do is change the URL to https in the General settings.

Project Fi – first impressions

Up until two weeks ago, I had been a T-Mobile customer for about 2 1/2 years. I actually have been quite happy with the service. The coverage here in the Northeast corridor where I live is excellent, and I had occasion to use it in Germany last May. T-Mobile works well overseas with free SMS and 2G data and $0.20/minute phone calls. Pricing has also been reasonable, at least up to now.

However, ignoring the old adage “If it ain’t broke, don’t fix it”, I have switched to Project Fi . Curiosity was probably the main reason. I had been reading a lot of mostly good things about Fi, and I really wanted to try it out on my Nexus 6p. There were also some other potential upsides. I really liked the idea of getting LTE data in Europe. If Fi can work as well as TMO in Europe but offer the same data speeds as I am getting in the US at no additional cost, that’s a big draw for me.

Also, since I am not normally a heavy mobile data user, Fi has the potential of significantly reducing my monthly mobile bill. Fi charges a flat $20 per month for unlimited voice and text plus $10 per GB for data. You choose a plan based on how much data you think you will use, and your bill will be adjusted the following month based on your actual usage. For example, if you estimate 1 GB of usage and only use 600 MB, you will get a credit of $4. If you use 1.2 GB in the same example, you will get an additional charge of $2.

Finally, I liked the idea of having three phone networks to draw on (T-Mobile, Sprint, US Cellular) for those areas where TMO alone might not do the job.

The case of the missing SIM

The most difficult part of making the transition was getting a SIM card. Signing onto Project Fi was dead simple, the last step of which was ordering a SIM card. I made the mistake of using the default (free) shipping method, which is something called FedEx Smartpost, a combination of FedEx and USPS. The SIM card shipped promptly but disappeared after the initial departure scan. I contacted FedEx, who put a tracer on the tracking number, but nothing came of it. Several days after the projected arrival date, I contacted Fi support, and they reset my account, so that I could order another SIM card. This time I paid for second day delivery, which worked as it should. There must be some kind of automatic system when there is a delivery failure, because about a week after I activated my (second) SIM, I received a notice that another SIM had been sent by FedEx Smartpost. That SIM arrived just a couple of days ago, more than 3 weeks after I made my initial order. If you decide to try Project Fi, my strong recommendation is to spend a couple of bucks to avoid FedEx Smartpost. It’s not worth the hassle.

Getting set up

With a SIM finally in hand, the activation process for me took less than 30 minutes from the time I put the SIM in my Nexus 6p to the time my number was ported over from TMO. You just run the Fi app, and everything happens pretty much automatically. If more information is needed, you receive clear prompts during the set-up process.

Once I was activated, Fi Network appeared in the notification shade, and I was in business. Fi spent a few minutes looking at available networks before finally settling on T-Mobile. In my travels around the Philadelphia metro region so far, Fi has always chosen TMO. That is not surprising, since Sprint and US Cellular are not particularly strong in this region. I’ll have to wait until I travel to other parts of the country to see if that changes.

Service so far has been reliable and every bit as good as I was getting from TMO directly.


WiFi is an area that did not behave exactly as I expected it would, based on what I had read. I have a fast and strong WiFi signal at home, and I assumed that Fi would be using my home WiFi for voice and SMS. That is not the case. Voice calls and SMS texts continue to go over LTE, and data, of course, goes over WiFi, as with any smartphone. That is a different behavior than WiFi calling on T-Mobile, which actually routed calls over my home WiFi.

Project Fi’s use of WiFi seems to be mainly geared toward finding an alternate source of data transmission to minimize data use on the phone network (and, consequently, on your monthly bill). If you are out and about and you leave your WiFi on, which Fi recommends, Fi’s  WiFi Assistant will search for open WiFi networks. If it deems the WiFi safe to use, it will connect to it automatically with a built-in VPN, and you will see a key symbol in the status bar. This has happened to me once so far.

I have read conflicting accounts of how Google qualifies a public WiFi network. Some reports say that Google maintains some sort of database of qualified networks, while other reports describe some sort of test that the WiFi Assistant performs to determine if a network is qualified. I have not been a fan of connecting to public WiFi networks due to security concerns, but I am comfortable with connecting over the Fi VPN.

From what I gather, Fi will only use VoIP for phone calls as a last resort, when no mobile phone signal is available. You can, however, force a VoIP call by using the Hangouts dialer or turning on airplane mode then switching WiFi on. This seems to work OK, based on a couple of test calls I have made. Call quality will vary depending on the quality of of the WiFi network.

Signal Spy – a great companion app

Signal Spy, available for free from the Play Store, was specifically developed for and is an excellent companion app for anyone using Project Fi. Signal Spy tells you which mobile carrier you are connected to along with information the band, technology (LTE, HSPA, etc.) and signal strength. It also gives you information about any WiFi network you are connected to and provides a history of your connections. If you suspect Fi has not connected you to the best carrier for a given location, you have the option to use dialer codes to manually switch networks.

The interface is clean and resembles the look of the Project Fi app. You can choose to have an indication of the network you are connected to in the notification bar and on the notification shade.

Conclusion: Great so far!

So far, I am very happy with the Fi service, which I think will end up costing me about $20 less per month than I was paying on T-Mobile. How much you save, if anything, will vary depending on how much mobile data you use. If you use less than 2 or 3 GB per month, and you are in an area covered by the Fi mobile partners, this plan may be for you, providing you have a Nexus 6, 5x, 6p, or one of the new Nexus phones to be announced shortly.

Switching from Android to IOS

A couple of weeks ago, my beloved Nexus 5 died. It began with random shutdowns, and finally, it would not boot up at all. The likely cause is a hardware failure involving the on/off switch. It was out of warranty, and the Nexus 5 is no longer available, so I couldn’t replace it. I really liked that phone. It was the perfect size, and I loved the way pure Android Lollipop worked without any skins added by the manufacturer or carrier.

So, I had to get a new phone. I looked at the newest Android models available: Samsung, HTC, and LG. But I found all of the newer Android phones to be too big. I just don’t understand the attraction of phablet sized phones. I want something I can easily carry in my pocket. I hope that the next generation will start to swing back the other way or at least offer alternative sizes.

The Android phone that came closest to fitting my needs was the LG G4. I had read a lot of good things about the camera, and it seemed a little less unwieldy than the others, but after the hardware failure of my Nexus 5, I was reluctant to trust LG again, and I thought the UI skin was pretty ugly. I might have considered a Nexus 6 if it wasn’t the size of a paperback book or a Kindle.

Well, that pretty much left me with one other alternative: the 64 GB iPhone 6 (the  regular sized one, not the plus).  The build quality is, of course, very good, as you would expect from Apple, and performance is rock solid. Most importantly, it was the perfect size for me.

I am not a stranger to IOS. I have used an iPad for several years, but this is my first iPhone, and there are some things that really bug me about this phone.

  • Apple always touts the thin, all-aluminum body of the phone as a feature. I found the phone hard to pick up off a flat surface and very slippery. Before I had a chance to get a case for it, I dropped it on pavement and put dings in two corners, and a small scratch on the screen. Also, the camera lens protrudes from the back, leaving it exposed to scratching. The Flexion case I bought, by the way, is excellent, and the phone feels much more secure in my hand. I don’t understand why someone would carry around something as expensive as an iPhone unprotected just to make a fashion statement.
  • There is no 32GB model. 16GB is barely serviceable, so I was forced to go with 64GB.
  •  I really miss Google Now. Siri is just not as smart or proactive as Google Now, and Google Now on IOS is just a shadow of its Android counterpart.
  • I miss the Android screen widgets. IOS widgets on the notification screen are just not as useful.
  • Trying to organize app icons on IOS is an exercise in frustration, because the icons insist on taking up any blank spaces.

I’m sure I will get used to the iPhone over time — at $750 I will have to — but I really think Apple goes too far in locking down the iPhone for the sake of simplicity.

iPad Apps for the Jazz Player – Update

It’s been over two years since I wrote my original post on iPad apps that I have found useful as a jazz player, so I thought I would update my experiences. In addition to iReal b and iGigbook, I have added another app to my collection: forScore. All three of these apps do different things, and I find all three of them useful.

iReal b

The developer of this app has continued to improve it over the past two years, and a major update called iReal Pro is in the works, which will be a free upgrade to existing iReal b users. This is my go-to app for practicing.

  • You can configure the play-along feature with the rhythm section you need, depending on the instrument you play by adjusting the volumes of the rhythm section instruments.
  • There lots of styles to choose from, some built in and some available as an in-app purchase.
  • You can loop specific sections of a song to practice on, and adjust the tempo.
  • For piano and guitar players, a lot of new functionality has been added in the way of chord charts.

I play tenor sax in a couple of different big bands, and I can key in a solo from a big band chart to practice on in five minutes or so using the built-in editor. This app also works well for memorizing new songs you want to learn for jam sessions.


This app has also seen continued improvements. In addition to its basic selling point – lots of fake book indexes that you can match to your PDF fake books – it now comes with chord charts for over 1000 jazz standards that are transposable on the fly. This is the app I take to jam sessions to use when I don’t know the tune that well. It’s great for finding tunes on the fly, and it sure beats hauling around a case load of fake books.

My major problem with this app has and continues to be related to page turning. While it is theoretically possible to use this on a gig using the set list function, I find it difficult to use if the lead sheet is more than one page. Depending on the resolution of your fake book scan, the page turning can be so slow that I don’t know if I have really turned the page or not. This has caused me on more than one occasion to turn the page again and then be one page farther than I wanted to be. A recent improvement has helped this situation. With the advent of IOS 7, the app now works much better with Bluetooth page turning devices like the PageFlip Cicada (more about this in a future post). You can now reliably turn pages hands free, but the lag is still annoying to me.

The developer also offers a companion app to use an iPhone or iPod Touch as a page turning device, but I don’t particularly like the idea of stepping on my iPod Touch or strapping it on my ankle to turn pages.


This is a relatively new app for me, and I am really impressed with it. Unlike iGigBook, forScore is not fake book based. It is really designed to handle individual pieces of music or lead sheets.

I play in a jazz quartet, and we have our own book of sets that come from many different sources. Some are fake book scans, but many come from lead sheets generated from programs like Finale and Band-in-a-Box. With forScore, you load individual PDF files for each song into the app. You can do this by connecting your iPad to your computer via iTunes, or you can connect within the app to Dropbox. I have found that bulk uploads are faster with iTunes, but adding a couple of tunes on the fly is a snap with Dropbox.

The interface is very intuitive, and while the app comes with excellent documentation, you hardly need it. Lead sheets can be assigned to as many set lists as you like. It’s easy to create a set list on the fly. You can assign a key to each tune as well as multiple tags.

Another great feature is the annotation tools. They are easy to use, and you can have multiple sets of annotations for different situations – rehearsals, types of performances, etc. Once annotations have been made, you can edit them at any time.

For me, one of the most important features is that page turning is lightening fast, which I find indispensable on a gig, especially when you have a multiple page lead sheet. The resolution of your scan has little effect on the speed of page turning. The app uses something called “adaptive caching” to pre-render pages before and after the one you are on. When you turn a page, it shows up instantaneously.

forScore also works very well with Bluetooth page turners, including the two leading ones, PageFlip and AirTurn. There are lots of other goodies built into this app too numerous to mention here, but these are the biggies for me. Check their website for a complete rundown.