Here are some popular free SSL certificate providers:

1. Let’s Encrypt (via Certbot)

  • Website: https://letsencrypt.org
  • Type: Domain Validation (DV) SSL certificates.
  • Renewal: Automatically renews every 90 days using Certbot.

Installation and Usage (Using Certbot):

  1. Install Certbot
    On Ubuntu/Debian

    sudo apt update 
sudo apt install certbot

    On CentOS/RHEL:

    sudo yum install certbot

  2. Install Certbot Plugin for Your Web Server
    For Nginx:

    sudo apt install python3-certbot-nginx

    For Apache:

    sudo apt install python3-certbot-apache

  3. Obtain SSL Certificate
    For Nginx:

    sudo certbot --nginx -d example.com -d www.example.com

    For Apache:

    sudo certbot --apache -d example.com -d www.example.com

  4. Automatic Renewal
    Certbot automatically sets up a cron job for renewal. You can manually test it by running:

    sudo certbot renew --dry-run

2. Cloudflare SSL

  • Website: https://www.cloudflare.com
  • Type: Flexible, Full, and Full (Strict) SSL/TLS.
  • Renewal: Managed automatically by Cloudflare.

Installation and Usage:

  1. Sign up and add your domain at Cloudflare.
  2. Change your domain’s nameservers to Cloudflare’s nameservers.
  3. Enable SSL:
    • Go to the SSL/TLS tab in the Cloudflare dashboard.
    • Choose the SSL mode: Flexible, Full, or Full (Strict).

3. ZeroSSL

  • Website: https://zerossl.com
  • Type: Domain Validation (DV) SSL certificates.
  • Renewal: Manually every 90 days (or using ZeroSSL’s API).

Installation and Usage:

  1. Sign up for a free account at ZeroSSL.
  2. Generate a Certificate:
    • Go to “New Certificate” and enter your domain name.
    • Choose “Free 90-day Certificate.”
    • Complete Domain Validation using Email, DNS, or HTTP file upload.
  3. Download the Certificate and install it on your web server.

4. Buypass Go SSL

  • Website: https://www.buypass.com/ssl
  • Type: Domain Validation (DV) SSL certificates.
  • Renewal: Valid for 180 days, renewable through ACME clients (like Certbot).

Installation and Usage:

  1. Install Certbot (if not already installed):
sudo apt install certbot
  1. Request Certificate using Buypass ACME server:
sudo certbot --server "https://api.buypass.com/acme/directory" 
    -d example.com 
    --register-unsafely-without-email 
    --agree-tos
  1. Automatic Renewal is supported using Certbot’s built-in cron job.

Recommendations:

  • Let’s Encrypt (via Certbot) is the most popular and widely supported option. It integrates well with most web servers and automates the renewal process.
  • Cloudflare SSL is great if you’re already using Cloudflare’s CDN and DNS services.
  • ZeroSSL and Buypass Go SSL are good alternatives if you need a different ACME provider.