How To Generate SSL/TLS Certificate for Heroku, Cpanel, IIS ( FREE )

Step 1: Install certbot (a popular Let’s encrypt client) if you are on windows or mac it is easy

//For Mac
brew install certbot
sudo certbot --manual
//For linux & windows go to https://certbot.eff.org/

For Mac and Linux birds, a domain name is asked you can also use a shorthand

certbot -d mydomain.com --manual

Step 2 (verification): You can verify your domain by DNS challenge

//for dns challange type the following instead of sudo certbot certonly --manualcertbot -d mydomain.com --manual --preferred-challenges dns certonly//It will provide you with a host name and txt value you need to insert in your DNS settings//your host name will look something like _acme-challenge.mydomain.com//if your domain provider is Godaddy, you are required to remove the part of the host name that contains your domain name (you only need to insert _acme-challenge in the host field) & set TTL to custom 600s (the faster the better)

The default challenge method is hosting challenge (you have to return a specific get response at a specific location of your domain)

DNS challenge is preferred if your website is not yet hosted

If your computer is in a good mood you will be gifted a certificate and private key

If you intend to use them on IIS server you will be required to compile both certificate and private key into a PFX Certificates using OpenSSL

openssl pkcs12 -export -out /tmp/certificate.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem

Otherwise, go ahead and upload your hard work (and saving of 74$) to your hosting provider (like Heroku (only paid users can upload certificates), Cpanel…)

Note: Let’s Encrypt certificates expires after 90 days, You will have to see its face every 3 months

Don’t forget to decrypt ' yell some claps’ most people can’t

Cheers

If you would like to get an in-depth knowledge of SSL & TLS, there you go

--

--

--

Finding Magic.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Remove K From List — codesignal Algorithms problem regarding Linked Lists

How to Post Soap API and Retrieve Soap Response with PHP/Laravel using Guzzule Clien

Microservices: should you build or buy?

Wordpress Hosting: Managed, Unmanaged, and Everything in Between

Candy Crush Hack Cydia Source

Pair Origami: Understanding Pair Programming in Scrum

How to monitor your CPU and Memory usage in MacOS with Go Programming Language

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Arnav Zedian

Arnav Zedian

Finding Magic.

More from Medium

5 OpenSSL Commands You Should Know

Perimeter security with Fastly edge and AWS — Part I

THE IMPORTANCE OF SHELL SCRIPTING IN DEVOPS

How to configure and setup SSH public keys, the right way.