Certificate authorities ( CA ) provide SSL certificates for domains to communicate securely from browser to server so no Man in Middle attacks can happen. These certificates are signed by CAs and browsers trust upon them. In this post we will learn about how to generate a free SSL certificate from let’s encrypt.
While we can generate our own certificate but the browsers will not trust them and will show insecure connection warnings to the users.
In this tutorial I will explain how we can generate a free valid and browser-trusted certificate from let’s encrypt. The free SSL certificate will valid for 90 days and will have to be renewed in 90 days.
In this post we will learn about how to generate free SSL certificate from let’s encrypt.
First – Go to SSL for free website.
You will see the webpage as shown in the picture, add your domain name in the box, or optionally you can add * before the domain name for wildcard SSL generation which will be valid for all of your subdomains. e.g.
*.example.com , Use
example.com www.example.com for obtaining a certificate just for the domain.
Step 3 – Click on “Create Free SSL Certificate”.
After that you will get the following screen.
Domain Ownership Verification
Then On the next step, You will need to verify your domain ownership. There are two types of domain verification methods available one via DNS TXT record and others via manually file upload. If you have chosen for wildcard SSL then there will only be one method via DNS TXT record that will be available.
Please note TXT records sometimes take time to propagate. Kindly wait for the time before you proceed.
Before going furture, kindly verify by given below link on that website to ensure the TXT records are updated.
If you have chosen for wild card SSL and difficulty verifying your domain then just create an A record with _acme-challenge hostname points to your IP address then create a TXT record with hostname _acme-challenge and value which is provided by the website.
And if you choose only a single domain and manually verifying by file upload then please make sure your www subdomain points to your website. Also check if file is accessible from the browser with using your domain with www e.g.
www.example.com/.well-known/acme-challenge/thefilewhichisprovided. Otherwise you will get error verifying the ownership of the domain.
Generate a free SSL certificate
If you have completed the domain ownership verification setup successfully then click on “Download SSL Certificate” to generate your free SSL certificate from Let’s Encrypt.
Final Step – On the next screen you will see your keys for the SSL just click on “Download All SSL Certificate FIles”.
After that you will get a zip folder extract it there you will get all your certificate files.
For installing it there are different methods for different servers.