Jump to content

Recommended Posts

Posted

I just found that ZeroSSL.com requires now registration to create or prolong Let's Encrypt certificates (no any registration was needed 3 months ago). Additionally you can only get 3 certificates with free account. That was good and easy for layman way to get free certificates, I was able to easily explain what and how to do for non-tech people. Now it's not that cool anymore.

 

Anyone knows a ZeroSSL-like web based alternative? That doesn't require registration and doesn't limit you to just 3 Let's Encrypt certificates just like ZeroSSL before?

Posted

@ sohamb03

It looks that it's using ZeroSSL and also requires being registered.

 

@ Krydos

When trying to paste LE account key that I've already created in the past with ZeroSSL, it warns me that it's incorrectly formatted. Maybe that's just different prefix?... I'll try to play with it later.

 

 

 

After browsing a little bit, personally - on Windows - I found it easy, quick and comfortable to use Win32/Win64 portable client: https://github.com/do-know/Crypt-LE/releases

It doesn't require any installation, no dependencies, you just need to type the right command.

So it's not web based, I wonder how easy (or not) it will be to instruct some total layman.

  • Like 1
  • 2 weeks later...
  • 3 weeks later...
Posted

After browsing a little bit, personally - on Windows - I found it easy, quick and comfortable to use Win32/Win64 portable client: https://github.com/do-know/Crypt-LE/releases

Same thing that was already posted.

 

As some feedback to this link though, I tested it out and it works. It's definitely more complicated than zerossl was though. Oddly enough though, I tried doing a zerossl certificate after their major site redesign and I couldn't get it to work. I don't know if their site was broken when I was trying, or if I'm a special kind of dumb that can figure out a command line tool with 100 cryptic flags, but I can't figure out a simple web based gui. I don't know.

 

Here's an example of the command I ran:

le64.exe -email "admin@krydos.heliohost.org" -key account.key -csr krydos.csr -csr-key krydos.key -crt krydos.crt -domains "krydos.heliohost.org" -generate-missing --handle-as dns --live
  • The krydos.csr and krydos.key files can be generated in cpanel by going to https://johnny.heliohost.org:2083/frontend/paper_lantern/ssl/csrs.html The link is for Johnny because Tommy and Ricky have autossl so you shouldn't need to do this.
  • When you generate your krydos.csr and krydos.key files the CSR page will also create a .crt file that you apparently don't need for anything. So that can be kind of confusing I guess.
  • The krydos.crt file listed above is generated by the le64 program, not the cpanel CSR page.
  • Only run the command without --live at the end to test a few times, and when you're confident it's working right add --live to make the real certificate. Running it with the --live flag too many times would hit LE's really low rate limit and you'd have to wait some time to try again.
  • I did my tests with DNS validation, but it's probably easier for most people to place a .well-known/acme-challenge file which is the default, so remove that flag too if you want otherwise you have to create a TXT record on your domain.
  • The account.key I already had from previous Let's Encrypt SSL certificates. Not sure how you would generate a new one, if someone can chime in and explain that it'd be great.
  • If the program runs correctly it will create the krydos.crt file, and then you go to https://johnny.heliohost.org:2083/frontend/paper_lantern/ssl/install.html to install the krydos.key file that you created when you made your krydos.csr, and the krydos.crt file that this le64 program made. That confused me for a minute because I assumed the program would output a new .key file for some reason.
Posted

Well, registration on sslforfree.com?

 

Last time I used it, probably, be 2-3 months ago, it didn't require registration to issue a certificate. Registration is optional in case you would like to activate reminders for certificate expiry date, and to have all your certs listed in one place.

 

Not sure if that has changed since.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...