This one’s a shout out to all my computer nerd homies. You know who you are. This one may be long, depending on how well I can stifle my frustration (editor’s note: it proved unstifle-able). It is my hope that someone out there knows what the hell I’m talking about, because I’m pretty sure I don’t.
First, some background. Kinda like a text-based Campfire Storytime. If you’re a computer nerd (read: web designer/developer nerd), and are wiling to help, but don’t want to listen to me wailing about the vicissitudes of life, simply scroll down to the fancy H2 header that says “So here’s my damn question”, and please try to help if you can. For now, I’m just going to type a while, because talking about your problems is generally regarded as therapeutic, and actual therapy is very expensive and any therapist worth his or her salt wouldn’t have a fucking clue what I’m talking about.
Oh. Spoiler alert, there may be some cursing in this post. Clearly. Shit’s about to get real, folks.
A few months ago, I was a graphic/web designer and desktop publisher extraordinaire. I built a friggin’ newspaper. Like, a real one, every month. I’d build ads for customers. Some of them were really cool. I did a Game of Thrones-based ad for a filthy-rich tax attorney. He loved it. Almost as much as the other ad I did, featuring a large dog taking a piss on the sign outside the IRS headquarters in DC. That one was a keeper (and heartfelt). Anyhow, I was happy as a clam, plying my trade and plying it well. I can honestly say it was the best job I’d ever had. The pay stank, but dammit, I was happy. The kind of place where you enjoy the drive TO work as much as you enjoy the drive FROM work. I had my own office with its own bathroom. Huge windows overlooking a verdant street. A bigass whiteboard. I was a Creative Director™, and I was mighty. Then, like so many other newspapers post-newsprint tariffs (thank you, Wharton School of Business), we went out of business. It was a pretty dark time. It had been a fairly dark YEAR, really, due to the money situation, but at least I was fulfilled enough by the work and my coworkers to keep from the really high stress levels that ensued post-layoff.
So I scrambled to find something else. Went on a few interviews (my former boss had stellar contacts in the industry and she adored me); everyone was very friendly and apologetic, and also had no openings for an up and coming graphics/layout guy. And each of them said the others paid shit, so I guess I didn’t miss much. So then, I called one of the guys who was thinking about buying out my former job’s operation. We’d had some heart-to-hearts when he was considering buying the place. Real nice guy. He picked my brain, asked what I’d do differently, and he seemed to value my opinion. Ultimately, he elected not to buy (which was a good choice, all things considered). I’d gotten his card, so I beseechingly called him in a kinda shot-in-the-dark manner. Coincidentally, he had something that he thought would be right up my alley.
So I bring my design portfolio and meet the big guys in the company. They don’t need another designer. So I’m like… “crap”. But they do need a web guy. I’ve been web designing since the web began. One of those old-school finger-to-keyboard HTML-coding types for whom WYSIWYG editors are anathema and blasphemy. Over the years, I learned that WYSIWYG cut development time by a substantial margin, so I grudgingly went along. But WordPress… WORDPRESS WAS THE DEVIL. It was spittle in the face of all of those years of coding and I’ll be DAMNED if I…. you know what? WordPress gets shit done QUICK. So I’m a friggin’ sellout and this site is totally built in WordPress and looks a lot better than the old hand-coded piece of crap it replaced. Anyway, back to the story.
They needed a web guy to maybe design a website here and there, and also to manage Google Ads, Google Analytics, Search Engine Optimization, phone call tracking, provide traffic reports to Advertising, provide advertising reports to customers, provide customer reports to management, etc. Now, each of those things is kind of a separate career. I mean, people get DEGREES in that shit. And I told them, “guys, I can design the hell out of a website, but all that other stuff you mentioned… I’ve never done any of it. But you know what? I’m perky and smart, and I can watch YouTube videos and Google tutorials like a madman, I am about as desperate for work as a guy can get. I’ll catch up”. So they hired me.
I should at this point mention that none of the above has anything to do with the question I’m about to plaintively ask the Void.
Over the past several months, I’ve learned a lot about a lot of crap I really don’t understand. Not only did I have to learn all of the above, but I learned that the company uses Amazon Web Services for hosting. For those of you not in the know, let me break down the web design experience for you. Designing a website is one thing; the hosting is another. Hosting is the real estate where you plant the website you just designed. It’s a web server somewhere, and you hang your little “blahblahblah.com” shingle on this plot of digital land, and you pay these people something like 5-20 bucks a month to rent this spot on the web. You go on there, click a few buttons, upload a bunch of 1’s and 0’s to them, and you are now on the web. It’s slightly more complicated than that, but it’s really straightforward if you’ve been doing it for 20 damn years.
Amazon Web Services is not straightforward.
Oh my TODD, is it NOT STRAIGHTFORWARD. So in addition to learning Google Ads and Google Analytics, and Moz and Ahrefs and Google Ad Manager (not the same as Google Ads… this was formerly known as DoubleClick for Publishers but they decided to change the name to something almost exactly like the name of another service they have) and CallRail and WordPress and Google AdWords (which IS the same thing as Google Ads; the name changed halfway through the learning process and nobody told me… took like a week to figure out that little curveball) and SecondStreet and Yext and Google AdSense (again… NOT THE SAME AS ANY OF THE OTHER GOOGLE AD BULLSHIT STUFF… Can they not diversify their naming conventions??)… I now had to learn Amazon Web Services. No problem, right? Amazon is world-renowned for being quick, easy and convenient.
Again, this is a thing that… well, you don’t so much get a degree in it. But you get certified. And there are like 5 different certifications for it; each more convoluted and daunting than the last. And AWS is friggin’ VAST. There are so many friggin’ services on there. Let’s just say I’m only really using one of them (out of about 120 tightly-integrated but completely different services). And for a time, that one thing drove me quite mad. Part of it involved learning the Linux Bash Shell, which is not (as I assumed) some paleo-diet method of getting to crab meat. It’s basically like DOS, for anyone that ever used a pre-Windows computer. Now, I should say it’s “like DOS” in much the same way that Russian is “like Spanish”. It’s kind of a language. And my skill with that language is essentially “donde esta el cuarto de bano”. The keen-eyed observer will note that there are no accents, tildes or upside-down question marks in that sentence, and that pretty much sums up my mastery of the fucking Bash Shell.
But, I learned enough Bash to get me to the crapper, and it was kind of like that scene where Doctor Strange learns to sling-ring his way off of a friggin’ Alp. I was like “Hey, I can do this. My jacked-up hands won’t hold me back! I now have access to limitless dimensions of possibility!” And then, I excelled. I was spinning up instances and SSHing into them, navigating around, executing scripts and shit. I felt like a badass. I was purveying quality web content and deploying it on virtual machines that I summoned from the aether. I was pleasing customers. This pleased management. This pleased me. The circle continued. But then, like the Master of Mystic Arts himself, I got ambitious. I found my own Book of Cagliostro, and it was the harbinger of my very doom. Like Caecilius, who arrogantly assumed he could bend the will of Dormammu himself, I decided that all sites I designed should be secured by SSL/TLS. It is, after all, the Proper Way. Well, let’s just say my Sanskrit is really, really rusty, because I can’t for the life of me make that shit work.
So, your standard layman will say something snarky like “Well, you’ve been designing websites for two decades. You should know web shit”. And after I backhand that layman with a white, calf-skin glove, I will generally use the following analogy. I tend to teach via analogy, and I’m pretty good at it. A web designer (that’s me) is like a body-shop guy. I can paint a car. I can pound out dents if something goes wrong. I can detail the interior and make shit look good. That’s my wheelhouse. AWS is more like a guy that builds car engines. Services them. He knows about oil viscosity and the difference between a torque mount and a torque wrench. He can define “torque” and show the math involved. Also, rotate tires, fix brakes, rewire windshield wipers and generally cause things to not physically explode. An SEO guy is like a civil engineer that builds and routes highways and on-ramps and knows what goes into building a structurally-sound cantilever structure and the best way to get from point a to point b without too much traffic and bottlenecks and… shoulders and shit. Yes, all of these things have to do with transportation, but they’re very different disciplines. And my job is essentially to know them all. Except replacing “transportation” with “web shit”. Please note that I said knowing this shit is my job. I did not say I am proficient at my job. I’m basically a plumber doing open-heart surgery because both jobs involve making fluid flow through tubes of some kind.
So I paid like 200 bucks for these online classes that are a path to certification for AWS (which is reportedly a highly sought-after certification, by the way), but really I only needed one question answered (and the $200 classes have not yet answered it). And it seems to be a question to which every other web designer on the planet knows the answer, and that Google, in all its wisdom, cannot seem to answer for me. I say “Google, in all its wisdom” with tongue firmly in-cheek. Google has done more than its fair share of pissing me off over the past few months, not the least of which was basically naming four of its sons “Darryl”, and expecting me to tell them apart.
Google, in its “sarcasm-quoted wisdom” has determined that all websites should use the https protocol (that’s the SSL/TLS thing to which I alluded earlier). Those sites which do not use it (like the one you’re reading now) will have a big “not secure” button next to them on Google Chrome. They will also be dinged in search engine results. So when you’re searching for… say… “steak houses in Bozeman, Montana”, all things being equal, a steakhouse using https should theoretically rank higher than one using http. And https is a great thing. I’d love to be using it. Go to practically any business website on the net, and it’s very likely to be using https. I ordered soup from a Chinese restaurant today. Their website looked like crap, but it was secured with https. Literally ALL THE COOL KIDS ARE DOING IT, even the ones that suck at it. And yet, here I am, pinstriping the side of a car… completely and utterly clueless as to how to change oil.
So here’s my damn question.
How in the name of Zeus’ BUTTHOLE do I get https? How much does it cost? I’m using Amazon EC2 for hosting, with a Bitnami WordPress AMI. I’ve tried the Amazon Certificate Manager. I’ve tried Elastic Load Balancers in conjunction with the Certificate Manager. I moved my DNS over to Amazon’s Route 53 (I have no idea how much any of this shit costs, but I know they charge BY THE SECOND, which is… alarming… and all billed to my boss, which is double-alarming. It instantly brings to mind the Great 900-Number Fiasco of the Late 80’s. I had no idea what kind of bill I was racking up. Neither did Mom, till the bill came…). I have crashed my test site about three times, each attempt costing probably three hours of convoluted work, all ending in failure. These are fresh instances, fresh certs, fresh ELBs… each time crashing, burning, and shoveled over with dirt. Luckily this is a customer who’s not paying us anymore, so I don’t care if their site is down. They want it down. It’s kind of like Universal Soldier. I am reanimating dead tissue that nobody wants, and using it for my own twisted experiments. Maybe that’s Frankenstein. Robocop? My God, there really are no more original stories anymore. Kind of comforting, given that my entire podcast is essentially recycled, derivative references to vastly superior works.
Anyhoo… I’ve contacted my company’s tech support department numerous times. They have successfully deployed probably 50 sites, all using SSL/TLS (https), and they refuse to tell me how. They’ve literally stopped answering my emails on any subject even remotely connected to AWS. I have Googled this problem countless times, and I have watched 20 YouTube videos with people with Indian accents saying CertificATE 39 times in the space of 10 minutes, and I am no closer to my objective. Is this like a secret? Is this like a “nobody can be told what the Matrix is” kind of thing? Or a “don’t talk about Fight Club” thing? Maybe “The Stargate Program pertains to deep-space radar telemetry” thing? Is it a cover-up? A prank? Some global cabal that got together and decided to architect an entire internet just so they could NOT tell me how to make it go?
I’m a fucking graphic designer, guys. And not even a really good one. And I used to wrangle some HTML for fun. And I’m pretty good at funny voices. I am gainfully employed to do exactly none of these things. And I have very important and wealthy people expecting me to weave this eldritch magick spell or at least present a facade of competence in “web shit”.
Honestly, cards on the table? My boss doesn’t give two shits whether the sites I build use https. And neither do his bosses. He’s happy with my work, and has been very understanding and supportive with regard to my various struggles with the many, many platforms we use. But this here is a personal fucking crusade. My blood has been spilled in battle, and I demand satisfaction. In much the same way as the 90-pound weakling in the Charles Atlas ads got sand kicked in his face and will someday whip that bully’s ass by signing up for a $200 online class to teach him weightlifting.
I would also very much like to have a contact form on my website without getting 200 emails a day offering me dick pills in broken English.
I would also like dick pills. but that’s a blog for another day.
But website security would be preferable at this point. So if you know anything about this, or can maybe point me in a direction that’s actually useful and not just site-crashingly impossible… I would be eternally grateful.
And if you don’t know about any of this stuff but were happy to be along for the ride… we’re kinda in the same boat, pardner. It’s nice to be among friends. Thanks for reading my story.