How to Get a Free SSL Certificate Easily For Your Website

Updated: Feb 26, 2021 / Article by: Timothy Shim

There are several ways you can get a free SSL certificate for your website. Even if you’re running a non-commercial website or blog, they are mandatory today. Not implementing SSL will result in a significant impact on your search rankings.

The easiest way of getting and installing a free SSL certificate is by using the tool provided by your web host. Many web hosting providers today will offer a utility that can help with installing and managing free SSL. In the cases where they do not, things can get a little more tricky. 

Where to Get Your Free SSL

Surprising as it may sound, there are several prominent free SSL certificate providers around. All of them offer usable free SSL certificates and support operations by also having paid plans. Three of the top providers are:

1. ZeroSSL

ZeroSSL - free SSL certificates for everyone.
ZeroSSL – You can get up to 3 free SSL certificates on the free plan.

ZeroSSL provides free SSL certificates to everyone. However, the free plan has some restrictions of it which can be a bit frustrating. Removing these restrictions will require paid subscriptions, which start at $8 per month onwards. Still, it’s entirely useable and secure for most basic websites.

The free plan on Zero SSL lets you generate up to three certificates valid for up to 90 days at a time. These can be downloaded and then installed using your web hosting control panel.

At this point, however, ZeroSSL is in a bit of a flux. They were recently acquired by Apilayer and are still in a consolidation process. Users may find methodologies and policies changing rapidly with this SSL provider.

Top Features

  • 90-day certificate validity
  • ACME certificate management
  • Quick validation
  • Supports Wildcard certificates

2. Let’s Encrypt

Let’s Encrypt SSL - The most famous free SSL provider in the market.
Let's Encrypt – Partnerships with hosting companies to offer zero-cost SSL certificates.

Perhaps the most famous free SSL provider in the market is Let’s Encrypt. While it may not necessarily have “better” free SSL certificates, it has strong partnerships with many web hosting companies. This has led to the widespread availability of Let’s Encrypt certificates.

Unlike some free SSL certificate providers that follow a freemium model, Let’s Encrypt truly offers zero-cost certificates. It is a non-profit organization and runs on sponsorships (mainly corporate), having been in the market since 2016.

Let’s Encrypt certificate management is also automated thanks to integration capabilities with web servers. They are TLS-based Domain Validation (DV) certificates recognized as being secure. The service has also been improving over time, stretching compatibility with as many devices as possible.

Top Features

  • RSA-signed with 4096-bit keys
  • Easy to use
  • ACMEv2 & Wildcard supported
  • Transparency reports available

3. SSL.com

SSL.com - a commercial SSL certificate provider.
SSL.com – A commercial SSL certificate provider that offers a 90-day free trial on its certificates. (check it out)

Unlike ZeroSSL and Let’s Encrypt, SSL.com is a commercial SSL certificate provider. Not all websites should use free SSL, and those who need better certification will have to buy one. The special part about SSL.com certificates is that they offer a 90-day trial period.

This trial period enables you to test their service before committing to a longer term plan for your SSL. Since they are a commercial provider, SSL.com offers more than simple Domain Validation certificates. You can also get Organization Validation (OV) and Extended Validation (EV) certificates from them.

SSL.com certificates are backed by warranties, depending on which you choose. Basic DV certificates come with a $10,000 warranty, while at the upper end of the scale, it stretches to $2 million of EV certificate purchasers.

Top Features

  • Free 90-day trial
  • 2048+ Bit RSA encryption keys
  • Unlimited licensing and reissuing
  • Official support channels


Getting and Installing Your Free SSL Certificate

There are many ways you can get and install free SSL certificates. In this example, we will be doing a run-through of how to install ZeroSSL through the cPanel interface.

1. Sign Up for a ZeroSSL Account

This process is remarkably simple. Just visit the ZeroSSL website and enter a username and password on the signup form. ZeroSSL doesn’t even require email validation to start with – that comes later in the process.

Click here to visit ZeroSSL.

2. SSL Certificate Creation

ZeroSSL - SSL Certificate Creation

From your ZeroSSL account dashboard, click on “New Certificate.” You will be prompted to fill in the domain name you wish to secure with the SSL. Note that ZeroSSL will present you with more options than are available for free accounts – these will be greyed out unless you sign up or a paid plan.

3. Choosing Validity

SSL certificates don’t last forever. Most commercial SSLs are issued on one-year terms, while free certificates seldom last longer than 90 days. Free users can skip this step and move on since there really isn’t a choice.

4. CSR & Contact

For certificate validity, the issuer will need to have contact information for the certificate owner. Here you can choose to let ZeroSSL auto-generate the information, or you can fill it in manually.

5. Finalize Order

Zero SSL will give you an option to sign on for a paid plan at this screen. If a free SSL is all you want, ignore what’s shown here and just click “Next.”

6. Verifying Ownership

To generate the free SSL certificate, ZeroSSL requires you to validate ownership of the domain you provided to it. There are a few ways you can do this, the easiest of which is via proof of email ownership on the domain.

a. Validation via Email

The validation will require you to have a specific email address on your site. ZeroSSL will only accept validation on [email protected], [email protected], and a few others listed in a dropdown list.

b. Validation via DNS

To use this method, you will need access to the DNS table for your domain name. ZeroSSL will provide some information that needs to be added as a new CNAME record on your DNS table.

c. Validation via HTTP Upload

If you choose to verify via an HTTP upload, the system will generate an authentication file for you and let you know where to place it. Download that file and use the file manager on your web hosting control panel to place it at the correct location specified.

Once you have completed the validation, a zip file will be created for you. Download this to your device and unzip it. It should contain three files; private key, certificate, and ca bundle. For the next step, log in to your cPanel dashboard.

7. Installing the ZeroSSL Certificate

On your cPanel dashboard, scroll down to the “Security” section and click on SSL/TLS. This will bring you to a screen with a few options. You will need to upload two of the files downloaded earlier into their respective areas.

  • The private key goes into the “Private Keys” section.
  • The certificate goes into the “Certificates” section.

Once the files have been uploaded, click on “Manage SSL Sites” and select the domain to secure. Next, click on the “Autofill” option, and when that is done, click on “Install Certificate” at the bottom of the screen.

With that, you are now the proud owner of an SSL-secured website. Congratulations!

Learn more about installing a SSL certificate here.

Challenges in Using Free SSL

Primarily, which you choose will depend on your web hosting service provider. Not all web hosting service providers will support easy installation. Of the web host they do, there can also be differences depending on the host’s web hosting control panel.

Installation Complications

While the process seems easy enough if you follow guidelines, there are always potential eros that may crop up. For example, ZeroSSL’s transition to Apilayer ownership hasn’t been entirely smooth. Changes in procedures have not been clearly spelled out, resulting in occasional confusion.

Manual Processes

If a web host has an automated installation mechanism, things are a lot simpler. If not, the example given above for the installation of ZeroSSL using cPanel can give a rough idea of the process involved.

Frequent Renewal

Most free SSL certificates also come with short expiry dates. While this isn’t cut to the point of inconvenience, they are short enough to be a slight annoyance. The typical timeline for expiry is 90 days, upon which you will need to renew your SSL certificate.

Third-party Confusion

An increasing number of website owners today are making use of Content Delivery Networks (CDNs). This inclusion may add an extra layer of confusion for those new to SSL certification since DNS configurations may have to be applied to the CDN.

Conclusion: Simply Your Life

Rather than struggle with the complexities of SSL, a better option would be to sign one with a web hosting provider that supports them. If you do this, a large part of free SSL is automated, from installation to renewal.

Read more:

About Timothy Shim

Timothy Shim is a writer, editor, and tech geek. Starting his career in the field of Information Technology, he rapidly found his way into print and has since worked with International, regional and domestic media titles including ComputerWorld, PC.com, Business Today, and The Asian Banker. His expertise lies in the field of technology from both consumer as well as enterprise points of view.