Who is the best free SSL certificate provider?

Can you tell me who is the best free ssl certificate provider? Cloudflare or Letsencrypt or others?

I'd suggest Letsencrypt, we chose it and it's working good no issues so far.

I would choose Cloudflare because it is free and easy to install on my cPanel with just a few clicks.
Also, I don't care about renewing it because Cloudflare offer 15 years period for their SSL service.

David Beroff said:

Can you tell me who is the best free ssl certificate provider? Cloudflare or Letsencrypt or others?

Click to expand...

In terms of security, Let's Encrypt is better. Last release provide the ability to generate ECDSA certificates, which provide better encryption than all paid certificates available on the market.

In terms of ease of use, with a control panel like Plesk, Let's Encrypt is fully automated, but if you setup yourself a server, Cloudflare origin certificates are really great with 15 years validity.

The main difference is when you use it for your business, Cloudflare require to pay to have unique SSL certificates, without hundreds of domains on the same certificates, and cost $200/mo to be PCI Compliant and accept credit card directly on your site. When Let's Encrypt is totally free, and renewal can be easily automated.

Let's encrypt more easy and better to use.
dont forgot to renew every 3 moths!

most to all major providers now offer free SSL with web hosting plans now

VirtuBox said:

In terms of security, Let's Encrypt is better. Last release provide the ability to generate ECDSA certificates, which provide better encryption than all paid certificates available on the market.

In terms of ease of use, with a control panel like Plesk, Let's Encrypt is fully automated, but if you setup yourself a server, Cloudflare origin certificates are really great with 15 years validity.

Click to expand...

Normally Let's Encrypt offered 3 months period to renew their service and some newbies can have difficulty in renewing SSL for their sites. I read more these complaints on forums. I am just wondering whey Let's Encrypt didn't offer a longer time for renewal like 3 years or 5 years.

VirtuBox said:

The main difference is when you use it for your business, Cloudflare require to pay to have unique SSL certificates, without hundreds of domains on the same certificates, and cost $200/mo to be PCI Compliant and accept credit card directly on your site. When Let's Encrypt is totally free, and renewal can be easily automated.

Click to expand...

I don't understand this, what is unique SSL certificate on Cloudflare and why it costs $200/mo?

DTS-NET said:

most to all major providers now offer free SSL with web hosting plans now

Click to expand...

I agree with you but at least they have to go with a free SSL provider to offer to their clients.

David Beroff said:

Normally Let's Encrypt offered 3 months period to renew their service and some newbies can have difficulty in renewing SSL for their sites. I read more these complaints on forums. I am just wondering whey Let's Encrypt didn't offer a longer time for renewal like 3 years or 5 years.

Click to expand...

Two reasons:

1. They limit damage from key compromise and mis-issuance. Stolen keys and mis-issued certificates are valid for a shorter period of time.
2. They encourage automation, which is absolutely essential for ease-of-use. If we're going to move the entire Web to HTTPS, we can't continue to expect system administrators to manually handle renewals. Once issuance and renewal are automated, shorter lifetimes won't be any less convenience than longer ones.

Source : https://letsencrypt.org/2015/11/09/why-90-days.html

I don't understand this, what is unique SSL certificate on Cloudflare and why it costs $200/mo?

Click to expand...

When you use Cloudflare SSL with free plan, the SSL certificate is valid for several domains, and you have to pay for a certificate valid only for your domain :



And to process credit card on your website, you need to use TLS v1.2 only, and it require the business plan.

Lets Encrypt now has auto-renewal so no need to worry about the short-term certs.

VirtuBox said:

When you use Cloudflare SSL with free plan, the SSL certificate is valid for several domains, and you have to pay for a certificate valid only for your domain

Click to expand...

How many domains can I have with free plan?
I didn't know this before and I thought it was unlimited domains with Cloudflare SSL.

VirtuBox said:

And to process credit card on your website, you need to use TLS v1.2 only, and it require the business plan.

Click to expand...

I got this, if my websites don't require to pay with credit card then I don't need to have business plan, right?

Laurence Flynn said:

Lets Encrypt now has auto-renewal so no need to worry about the short-term certs.

Click to expand...

Are you going to saying about Certbot? Using it to auto renew SSL from Lets Encrypt with cPanel?

In Plesk the Lets Encrypt auto-renew is a built-in feature. Check a box to auto-renew when you create the cert, done.

Letsencrypt seems to be most proactive in making it easy for different control panels to implement. Can also use easy tools such as certbot. If you have cPanel, you can also get a basic Domain Validation certificate from cPanel (I believe powered by comodo).

I don't trust CloudFlare too many issues for what it's worth and they have RocketLoader which mucks up JS, etc so I recommend LetsEncrypt I use it on ours as it's free but a EV is worth it if you want the green bar.

I think Let's Encrypt is more common due to the fact that it easy to implement and use on many control panels. It is being developed at a steady pace, new features, like a wildcard, are being added, which is great for a simple user as it opens more options for improving.