Jump to content
[MUST READ] Forum Rules ×

Let's Encrypt on free hosting?


Recommended Posts

5 hours ago, MNTTalking said:

Hi.

I want to get Let's Encrypt on free hosting?

If you sign up with a host like TinkerHost you can generate an SSL Certificate from their client area.

 

Tinkerhost runs on MOFH, meaning youll get the exact same vPanel and features. There will be some additional features from their client area.

Edited by BastelPichi
Link to comment
Share on other sites

On 6/11/2024 at 10:08 PM, MNTTalking said:

I want to get Let's Encrypt on free hosting?

Let's Encrypt will work on Free Hosting, but the only hosting provider I know that "officially" supports it is InfinityFree.

While mine and the one mentioned above supports GoGetSSL

(I tried providing LE for a few months, but removed due to the complexity of ACME and it constantly requires fixes)

Edited by SpookyKipper
Link to comment
Share on other sites

On 6/16/2024 at 2:53 AM, SpookyKipper said:

Let's Encrypt will work on Free Hosting, but the only hosting provider I know that "officially" supports it is InfinityFree.

While mine and the one mentioned above supports GoGetSSL

(I tried providing LE for a few months, but removed due to the complexity of ACME and it constantly requires fixes)

I used to host an tool that allowed you to generate LE certs. Theres some annoying things tho:

  • Lets Encrypt needs HTTP Verification or DNS Verification
    • HTTP wont work due to security system on Free Hosting
    • DNS Verification requires TXT records, e.g. GoGetSSL requires CNAME. CNAME can be created from vPanel directly, while TXT requires you to create an txt record on verificationexample.yourdomain.com (with a domain hosted e.g. on Cloudflare) and then pointing _acme-challenge (in vPanel) to  verificationexample.yourdomain.com
  • Rate Limits
    • Lets Encrypt rate limits the amount of certs you can generate for a specific domain (counting all subdomains). Thats why e.g. InfinityFree only allows LE on user's domains and not on free subdomains.
  • GoGetSSL and similar have an very easy to use API, while ACME is quite annoying.

If youre still looking to build your own tool id reccomend you use ACMECert, it has support for a bunch of ACME CAs, meaning you can generate SSLs from Google Trust Services, SSL.com, ZeroSSL, Lets Encrypt and Buypass, all for free and with one implementation of software.

Link to comment
Share on other sites

On 6/16/2024 at 8:53 AM, SpookyKipper said:

(I tried providing LE for a few months, but removed due to the complexity of ACME and it constantly requires fixes)

 

On 6/23/2024 at 2:06 AM, BastelPichi said:

Oh and before anyone here wastes their time: Iirc ACMECert, or nearly any ACME client, wont work on iFastNet free hosting.

I had a successes on YAAC after hours of frustration, i remembered you mentioned that's the library you used for your free ssl site

Edited by SpookyKipper
Link to comment
Share on other sites

On 6/24/2024 at 9:11 AM, SpookyKipper said:

 

I had a successes on YAAC after hours of frustration, i remembered you mentioned that's the library you used for your free ssl site

YAAC works, not sure if it works on Free Hosting, I believe someone told me it doesn't. Either way, I don't really reccomend yaac, because it requires modifications to generate certificates compatible with free hosting, and also wont work with any other ACME CA than Lets Encrypt (could probably get that running with large modifications).

Link to comment
Share on other sites

19 hours ago, BastelPichi said:

could probably get that running with large modifications).

I changed the LE staging server url to get it working with Google Trust, then some get requests changed to post or the other way around. Google Trust has stricter requirements on the request method and YAAC simply doesn't comply with

TXT validation works on free hosting

Edited by SpookyKipper
Link to comment
Share on other sites

On 6/27/2024 at 12:23 PM, SpookyKipper said:

I changed the LE staging server url to get it working with Google Trust, then some get requests changed to post or the other way around. Google Trust has stricter requirements on the request method and YAAC simply doesn't comply with

If I recall correctly AcmePHP, which InfinityFree uses, also doesnt work all that well with Google Trust. Thats why I reccomend AcmeCert.

 

Note: AcmePHP is maintained by ZeroSSL, and with ZeroSSL sponsoring quite a few ACME Clients there might be changes in the direction of ZeroSSLs interests, just like what happened to acme.sh. Just make sure to always check their announcements, to not suddenly have break stuff when the default CA gets changed.

Link to comment
Share on other sites

31 minutes ago, BastelPichi said:

If I recall correctly AcmePHP, which InfinityFree uses, also doesnt work all that well with Google Trust. Thats why I reccomend AcmeCert.

 

InfinityFree provides Google Trust Certs pretty well tho

Link to comment
Share on other sites

  • 2 weeks later...
  • 1 month later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...