I've been thinking about using SSL to protect logins to this blog for a while, but thought it would be too complicated. This weekend, I took the time, and thanks to Haris' Admin-SSL plug-in, it was very easy. First I used cert.command to create a certificate for www.extrapepperoni.com, then I configured my DreamHost account to provide SSL (https://secure.reppep.com/ep/) in addition to the existing http scheme; this took a while to go through. Then I installed Admin-SSL, and after a few loading errors, all authentication and authenticated access is now SSL only, while reading anonymously is non-SSL.

Note that I'm using a certificate signed by my private certificate authority, ca.reppep.com, so you'll get a warning from your browser that it's not trusted; this is normal. You can continue past the warning and get full 128-bit SSL encryption; you just don't have the assurance of a public CA that I am who I say I am.

Thanks to Rich & Sam for encouraging me to do this.