How To Generate SSL/TLS Certificate for Heroku, Cpanel, IIS ( FREE )

Step 1: Install certbot (a popular Let’s encrypt client) if you are on windows or mac it is easy

//For Mac
brew install certbot
sudo certbot --manual
//For linux & windows go to

For Mac and Linux birds, a domain name is asked you can also use a shorthand

certbot -d --manual

Step 2 (verification): You can verify your domain by DNS challenge

//for dns challange type the following instead of sudo certbot certonly --manualcertbot -d --manual --preferred-challenges dns certonly//It will provide you with a host name and txt value you need to insert in your DNS settings//your host name will look something like your domain provider is Godaddy, you are required to remove the part of the host name that contains your domain name (you only need to insert _acme-challenge in the host field) & set TTL to custom 600s (the faster the better)

The default challenge method is hosting challenge (you have to return a specific get response at a specific location of your domain)

DNS challenge is preferred if your website is not yet hosted

If your computer is in a good mood you will be gifted a certificate and private key

If you intend to use them on IIS server you will be required to compile both certificate and private key into a PFX Certificates using OpenSSL

openssl pkcs12 -export -out /tmp/certificate.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem

Otherwise, go ahead and upload your hard work (and saving of 74$) to your hosting provider (like Heroku (only paid users can upload certificates), Cpanel…)

Note: Let’s Encrypt certificates expires after 90 days, You will have to see its face every 3 months

Don’t forget to decrypt ' yell some claps’ most people can’t


If you would like to get an in-depth knowledge of SSL & TLS, there you go




Finding Magic.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Remove K From List — codesignal Algorithms problem regarding Linked Lists

How to Post Soap API and Retrieve Soap Response with PHP/Laravel using Guzzule Clien

Microservices: should you build or buy?

Wordpress Hosting: Managed, Unmanaged, and Everything in Between

Candy Crush Hack Cydia Source

Pair Origami: Understanding Pair Programming in Scrum

How to monitor your CPU and Memory usage in MacOS with Go Programming Language

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Arnav Zedian

Arnav Zedian

Finding Magic.

More from Medium

5 OpenSSL Commands You Should Know

Perimeter security with Fastly edge and AWS — Part I


How to configure and setup SSH public keys, the right way.