Free SSL Certificates & Free Wildcard SSL Certificates in Minutes.
How It Works?
- Let's Encrypt is the first free and open CA
We generate certificates using their ACME server by using domain validation.
- Private Keys are generated in your browser and never transmitted.
For browsers which support Web Cryptography (all modern browsers) we generate a private key in your browser using the Web Cryptography API and the private key is never transmitted. The private key also gets deleted off your browser after the certificate is generated. If your browser does not support the Web Cryptography API then the keys will be generated on the server using the latest version of OpenSSL and outputted over SSL and never stored. For the best security you are recommended to use a supported browser for client generation. You can also provide your own CSR when using manual verification in which case the private key is handled completely on your end.