Today I am going to explain the process of generating free SSL certificate using ZeroSSL
- We should have our own domain
- We should be able to add/update the DNS settings like A, CNAME, TXT records
Best free SSL providers
As per my research I found the best free SSL (90 days) certificate providers
- Let's Encrypt
In this blog, i'll explain ZeroSSL process
ZeroSSL Free SSL Certificate
- Navigate to https://zerossl.com/
- Signup with your email by clicking on "FreeSSL"
- After email verification, login to zerossl site
- Click on "New Certificate"
- Enter your domain name and click on "Next Step"
- Default validity is 90 days for free SSL
- In the CSR section we have couple of options
- Default is Auto-Generate CSR enabled
- Disable Auto-Generate CSR - only your zerossl registered email address with default values
- Enable Paste Existing CSR - If you have already created a CSR then you can use this option
- Finalize your order
ZeroSSL will generate the certificate using signature algorithm SHA-384
In some cases, if SHA-384 based SSL is not valid then we have to mandatory go for alternate "Let's Encrypt". I will explain Let's Encrypt in my next blog.
For every 90 days, we need to renew our certificate in the above mentioned manner.
- Navigate to Certificates section
- Go to Issued tab
- Click on "Install"
- You can select the Default Format dropdown to select specified server or just leave it default.
- Download the certificate zip file which will contain
- ca_bunder.crt - CA Bundle
- certificate.crt - Certificate
- private.key - Private Key
Hope, you will be able to make use of this free SSL feature and encrypt your domain traffic.
Please let me know your feedback and suggestions in comments or mail to firstname.lastname@example.org