Skip to content

How to get a free SSL certificate for your website? How is it different from paid SSL?

  • by
  • 5 min read

So your brand new portfolio website is ready to publish and slay. It’s a masterpiece written in beautiful code prepared to bless the Internet. You upload the website, try to access it and get an error saying the website isn’t secure.

Errors like these can kill the browsing experience and even turn back potential visitors. To ensure that such issues don’t hamper your website, you’ll need to get an SSL certificate. However, these security certificates cost money. When developing a simple portfolio website or a simple project, paying for a security certificate doesn’t really make much sense.

If you’re wondering the same, you’re in the right place. In this article, we’re going to see how to get an SSL certificate for free and get that https:// prefix for your website.

Also read: GitHub makes private repositories with unlimited collaborators free for all(Opens in a new browser tab)

How to get a free SSL certificate?

It’s actually quite simple. All you need to do is prove that you own the website.

Step 1: Head over to the SSL For Free website

Step 2: Enter the URL of your website and click on Create Free SSL Certificate

Step 3: It’ll load up a SSL generation page. This is where you’re going to have to prove that you own the website you’re trying to secure.

There are three ways you can do this. My advice is to stay away from the DNS method unless you know what you’re doing. You can opt for the Automatic FTP Verification as in most cases you will have FTP access to the website. Otherwise, there’s always manual verification available.

For this tutorial, we’re going over with Manual Verification.

Step 4: The website will ask you to upload several verification files to a specific directory on to your server. First up we need to download those files. Click on Download File #1

Step 5: Once you’ve downloaded the file, head over to your cPanel and then to the file manager. Here you will have to create two directories called .well-known and inside it acme-challenge inside your public_html root directory.

Step 6: Upload the file downloaded in Step 4 to this directory.

Step 7: After uploading the file, click on the link given on the SSL For Free website.

If all went well, you should see a page that reads out the file name exactly as it is.

Step 8: Click on the Download SSL Certificate.

Step 9: Now you’ll be given your SSL Certificate, the Private Key and the CA Bundle. All you need to do now is paste these in the cPanel SSL settings.

Step 10: Head to the cPanel and find your SSL settings.

Step 11: Under SSL settings, click on Install and Manage SSL for your site (HTTPS)

Step 12: Scroll down to Install an SSL Website. Select your domain from the drop-down and copy-paste your certificates as given by SSL For Free.

Step 13: When you’re done, scroll down and click on Install Certificate and your SSL certificates will be installed.

Now when you access your site you’ll see that you now have no security issues whatsoever and it has an SSL certificate too.

Also read: Top 11 fake email generators

How is a free SSL certificate different?

It’s a valid question to ask how good something is when you’re getting it for free. Most SSL certificates are paid and if you’re running a proper commercial website or anything that deals with things that you need to keep safe — user IDs and passwords, payment information and handling any other personally identifiable information — we recommend that you get the paid ones.

However, that doesn’t mean that the free ones are not good. These certificates are issued mostly by LetsEncrypt, an organisation that’s well known for its security standards.

Probably the biggest problem you’ll face is that these certificates will expire every three months and there’s no auto-renew feature. But for free security, we can’t really complain.

Also read: What is code-signed Malware and ways to protect your device

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: