How to get a free SSL certificate for your website?
What is an SSL Certificate? And why does my website needs one?
An SSL certificate is a digital document that proves the ownership of a website. When some visit and interact with your website, it’s SSL that makes the connection secure. An SSL certificate verifies that website content is coming from a verified web server. SSL is a secure socket layer. It provides end-to-end encryption between a web server and a web browser.
Your website needs an SSL certificate to provide a highly secure communication channel to the website visitors. You need an SSL certificate to move your website from HTTP to HTTPS. It ensures all requests to a web server and responses from the web server are encrypted and secure. It helps your website visitors to trust your website and provide their personal information without any risk of data theft. It enhances security features like secure logins, secure payments, and other features.
Why do I need to verify my domain to get a free SSL certificate?
Let’s Encrypt will issue you the free SSL certificate. It is a global certificate authority(CA) that uses ACME protocol to generate an SSL certificate. ACME is an Automated Certificate Management Environment protocol. Here, we provide you a web-based ACME client to verify your domain ownership. So, verify your domain ownership using the HTTP or DNS method and get an SSL certificate at zero cost.
What is the domain verification method?
The domain verification method is a process of verifying ownership of a domain. Let’s Encrypt use ACME protocol to generate a free SSL certificate for your website. It helps us to validate that you are the rightful owner of a domain. Hence, you can get a free SSL certificate for your domain(website). We use two types of verification method:
How to verify my domain using HTTP?
HTTP verification method is a simple and recommended method to verify your domain(website) ownership. This method checks the verification file(s) on your website using the HTTP protocol. You have to follow these simple steps to get your domain verified:
- Fill in the SSL Request form and select http as verification method.
- Download verification file(s).
- Create a directory .well-known inside root directory. A root directory is the main directory(folder) where your website files are stored.
- Then create a subdirectory acme-challenge inside .well-known directory.
- Upload the downloaded verification files(s) into the subdirectory acme-challenge
- After uploading click the verify option to verify you did it all right. If it shows verified then you are ready to generate an SSL certificate, else you need to check what you did in steps 2 to 4.
How to verfiy my domain using DNS?
DNS verification method is a comparatively complex method to verify your domain(website) ownership. This method checks the DNS TXT records of your domain. DNS verification method is recommended for a bit advanced users. You have to follow these steps to get your domain verified:
- Fill in the SSL Request form and select DNS as the verification method.
- Go to the DNS management console of your domain.
- Create a new TXT record in your domain DNS records.
- Copy the TXT Record (e.g. _acme-challenge.domain) from our website. Then paste it in the Name/Host/Alias field of the new TXT record entry of your DNS Manager. Please avoid the trailing white spaces.
- Now Copy the Value from our website and paste it into the value field of the new TXT record entry of your DNS Manager. Please avoid the trailing white spaces.
- Set the TTL to 60 seconds or 1 Minute or the least time your DNS manager allows.
- Wait for at least 5-10 minutes before requesting to generate a free SSL certificate. It allows the DNS server to propagate the new TXT record. The time taken to propagate DNS records depends on your DNS server.
Why I’m getting an error while verifying my domain?
There are two domain verification methods you can choose for verifying your domain.
- Let us first talk about the HTTP verification method. Found error? The reason must be the downloaded verification file is not uploaded to the right location(http://yourdomain/.well-known/acme-challenge/). Please follow the above instructions under the section: How to verify my domain using HTTP?
- Now, let’s talk about the DNS verification method. Got error? The reason must be the required DNS TXT record is unavailable. You should check the DNS management console of your domain for the TXT record. It should have the TXT Record name and value generated on the domain validation page. Also, please wait for some time to let your DNS record propagate. Please follow the above instructions under the section: How to verify my domain using DNS? Finding DNS method very complicated? Then we recommend you should use the HTTP verification method.
How to install the SSL certificate on my website?
After generating a free SSL certificate the next challenge is to install it on your website. First, let’s understand your SSL certificate. It contains three parts:
- Certificate (CRT)
- Intermediate Certificate (CA_BUNDLE CRT)
- Private Key (KEY)
These 3 component forms an SSL certificate for your domain. Now you have to install it according to your web hosting provider. Following are the links to explain how to install it on your specific web hosting:
What is the validity period of my free SSL certificate?
The validity period of a free SSL certificate is limited to
90 days. You can generate a new certificate any time before
the expiration of your current certificate. So, it means you
can have an SSL certificate free for a
You don’t have to pay a single penny to get your domain a valid SSL certificate.
Who is issuing this free SSL certificate for my domain?
The credit goes to Let’ Encrypt. It is a Certificate Authority run by the Internet Security Research Group (ISRG). Let’s Encrypt issues free SSL/TLS certificate. To get more knowledge about it, please visit this page.
I still have a question regarding how to get a free SSL certificate for my website?
Do you have any other questions related to our free SSL certificate generator? Please click the following button to submit your query.Ask your question here