Free-ish SSL Certs

*Trusted public certs on the super cheap because it's just a homelab, can do.

- You will need a domain name, register your chosen domain at any of the many providers I'm using GoDaddy because there was an offer and it had API integration with our SSL too Certify the Web
- Certify the web, this is the application that will generate our certs:

Lets jump into a overview of this:

Install Certify the web accepting defaults and Launch it:

- click new certificates > this will prompt you to register a new contact > complete this:

- Go back to new certificate
- Add primary domain to list you can also add a wildcard in addition to the primary a wildcard is useful

- DNS update method is dependant on how your site is managed
- Godaddy > create API key (production not ote) in dev portal and add to certify the web credentials
- Click … to check API and if working the zones Id section should be populated

- Change to deployment section on the right side menu
- Select No deployment, this will save the certificate to your local machine

- Review the preview page
- Run the request certificate
- You should now have a valid certificate
- The output folder isn’t clear but you should find them in C:\ProgramData\certify\assets\

Now find something to do with your shiny new certs.

*Things to note:

- Certs are valid for 90 days at a time, renewal process is built into Certify the Web application and you can setup target locations for the certs to go post renewal instead of manually adding them each time they are updated

- They are not password protected so depending what you intend to use them with you might need to take some extra steps before an install will accept them, the password section is found on the advanced tab next to domains in the certificates section.

This article was updated on February 5, 2021