Free SSL Certificates for Websites/Web Servers

Digital certs for a secured site with encrypted connections via https


Free SSL Certificates for Websites/Web Servers

The sites listed on this page provide free digital SSL certificates that you can use for your site.

SSL certificates, or Secure Socket Layer certificates, are used by websites for https connections. When someone connects to a site via https, a valid SSL cert shows at least a couple of things about the connection: the certifying authority (the place issuing the SSL certificate) affirms that the site is what it claims to be in the certificate, and that the connection is encrypted using some form of encryption.

Observe carefully what I just said: the certificate does not prove that the site is not a scam: it merely means that if you connect to https://www.example.com, the certifying authority confirms that you have indeed connected to https://www.example.com, and not some other site that has intercepted your connection and is pretending to be www.example.com. It may also confirm that the domain is owned by the person named in the certificate. It doesn't mean that www.example.com is owned by an honest person or even the same person/company you imagine is the owner. Neither does it mean that the encryption is any good. In fact, if your certifying authority is unreliable, it really doesn't mean anything at all; everything depends on the certifying authority.

Note that in times of old, some of the free certification authorities were not recognised as valid certificate authorities by web browsers. (I'm not 100% sure what the situation is like today.) In general, this means that when your visitors connect to your site via HTTPS, they may get a dialog box telling them that the site is not secure, and asking them whether to recognise the certificate or not. This will definitely not instill any confidence in your site, so if you are selling a product or service on your site, you may be better off getting a certificate from a known Certification Authority like GoDaddy.

You should also read the fine print for each of the certification authorities below as well -- some of them issue the certificates for free, but require you to pay a fee so that they can validate your ownership of your domain. And they validate very often. (So they may not be really free after all -- calculate the total cost per year before you blindly sign up with them. It may be cheaper and less of a hassle, in the end, to pay for an SSL cert from one of those known certificate authorities I mentioned above, where you have a single up-front price.)

Incidentally, in the past, your domain name (and you must have one) needed to have its own dedicated IP address (which many commercial web hosts provide anyway). This does not appear to be a requirement with the modern web browsers any more.

Related Pages

Free SSL Certificates for Websites/Web Servers

Let's Encrypt New

Let's Encrypt is a certificate authority that issues unlimited free certificates for your websites. At present, though, the default method they provide for you to get certs is by running their program on your web server with root privileges (ie, with administrator's access), which probably makes it a bit hard for the average webmaster to get started since he/she is unlikely to have such access unless the site is hosted on a dedicated server or VPS. There are alternative ways for shared hosting users, but you probably need a bit of technical proficiency to get it working. The certs expire every 90 days, but renewal is free and can be done automatically if your web host supports it. (For example, on one web host, you can simply enable SSL on your website(s) by clicking a checkbox on the web host's control panel, and your site will have https for free with the certificate auto-renewing at appropriate times.) Note: from my testing of this cert on one of my sites hosted on DreamHost, it appears to be genuinely free and recognized by the current versions of all modern web browsers.

CAcert

This organisation allows you to create certificates, including wildcard certificates (which means it is valid for any subdomain of your domain), to protect your connections to your websites or your email via POP3, SMTP and IMAP. You can create certs with any encryption strength you wish.

StartSSL

(Update (27 September 2016): it looks like Mozilla, makers of the Firefox browser, have a long list of issues with WoSign, the company that owns StartSSL, and they are apparently discussing whether they should stop recognizing WoSign and StartSSL's certificates.) This company provides free digital certificates so that you can create an SSL secured site with encryption. You are allowed as many certificates as you wish. You will need to provide your personal details. This company charges for some of their validations although I'm not sure if these charges apply to the free certs. Like all things on the Internet, you should probably read their documentation and terms and conditions before committing to the certificate.

Related Pages

Can't Find What You're Looking For?

Search the site using Google.

Newest Pages

Popular Pages

How to Link to This Page

It will appear on your page as:

Free SSL Certificates for Websites/Web Servers

 


 

thesitewizard.com: Free Webmaster Tutorials, Scripts and Articles

HowtoHaven.com: Free How-To Guides

thefreecountry.com: Free Programmers, Webmasters and Security Resources
If you find this site useful, please link to us.