What do you think about the SSL Certificates tool?

Half a year ago, we released our own SSL Certificates tool. The purpose of this tool was to make it easier to get free SSL certificates on free hosting, by using CNAME verification as a way which works more reliably than HTTP or TXT verification (which typically involves external tools to get to work at all).

Since then, many thousands of certificates have been requested and installed successfully!

However, I also see that plenty of people purposely choose to use Cloudflare to get HTTPS, or get SSL certificates from other services like zerossl.com and sslforfree.com. I can understand the decision for Cloudflare, but I personally don’t see why someone would use zerossl.com or sslforfree.com instead (given that you need more external tools to get them to work).

So what do you think about the SSL Certificates tool? Do you like it? Not like it? What parts work well and what parts don’t? What advantages do other providers have that our tool doesn’t?

I’m really curious to hear your thoughts!


In all honesty here this was a very awesome feature InfinityFree has pulled off! I didn’t even know it was possible to implement such an awesome feature in the first place.

There were workarounds before that I use but I will have to change my nameservers and DNS records everytime I want to get one and renew a Let’s Encrypt certificate which is a very hassle thing to do…

Clients should know how lucky they are that this feature exist, it is very hard to make such a feature to work especially with the free hosting servers. Kudos to Admin for his hardwork that he was able to make such a cool implementation!

Overall the SSL issuer you made is absolutely amazing! :+1:


We very liked it. A 100% pass mark. I tried the tool and I realized its much easier. It minimize the hazzle on creating ssl certificates. We are very thankful that you have offered the ability of users to upload their own certificates even though its a free hosting plan. In the topic of the external tools, I only liked the Cloudflare and its services. There is no doubt that they are leading in terms of securing every websites & devices in the world. They’re too many tools that can be used to secure anyone & too avoid many undesirable hacks. It extends functionality between the server and the host.

In the case of zerossl and sslforfree( which is now powered & partnered by zerossl) , they are not user friendly (based on its DCV / Domain Control Validation) and the baddest thing happened in the history is that the sslforfree is not anymore free (it is purchased already by apilayer & currently you need to pay for wildcard certificates). It is now ruined.

However, we are too grateful to have your own ssl certificate tools. It is every hard to code them (according to myself). We are very thankful for your dedication to strive more and handle all problems. You are offering free services that makes us run our own websites. How lucky we are. Thank you very much Admin & their staffs.


I didn’t know that, thanks for sharing!

Last time I checked, ZeroSSL and SSLforfree.com were separate services which both got free SSL certificates from Let’s Encrypt. Now they seem to have a limited number of certificates for free, and no wildcard certificates. Which is nasty, given how Let’s Encrypt is still as free as it was before.

We don’t do wildcard certs right now because the free hosting panel doesn’t accept them. If or when the control panel supports it, we can and will quickly add wildcard support to our tool.


:clap::clap::clap::clap: for @Admin!!

Free ssl was a paid hosting feature until you developed this solution, @Admin! There was only too options to get ssl before you developed this. Use cloudflare flexible ssl, or waste hours changing dns and approving sslforfree. Now, you just have to add 2 cnames, wait and then hey presto! free ssl on infinityfree. You just need this tool to https secure your site now. You can even enable cloudflare full ssl with this free certs.

Thanks, @Admin, Thanks.

BTW: ZeroSSL is as it was, only 3 free certs, and SSLForFree is totaly ruined by zerossl as @JavesPotato said . There’s no use of it now. :frowning_face:


Yep SSLforFree was totally ruined.

Well Let’s Encrypt did warn users about these 3rd party web based services that it was always a bad idea.


7 posts were split to a new topic: The certificate you entered does not match the current private key

Does the infinityfree ssl tool support subdomains? I mean my own subdomains like downloads.diystack.ml. Or Do I have to use an external tool such as freessl.org?

Yes, it supports subdomains of your domain name. The only thing that it doesn’t support are the subdomains offered by the free hosting platform (e.g. the ones that end with epizy.com or rf.gd) for now.


It just give me error, if I am sincere, I use Cloudflare

What error?

Is this

So add the CNAME Record to your CNAME Panel and wait for an hour or a day.


I waited but it is the old-same-old

If you use Cloudflare nameservers you should add the records from the Cloudflare dashboard, remembering to leave them DNS only and not proxied.


This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Hi All!
I have purposly tested this plugin and it seems not to be working for me. I used cname records in cPanel as per the article mentioned in the support base. I am well enough technical now to seek errors and do troubleshooting, basically that’s why I help people out here.

My point is that, it should have HTML verification. As you told it is not reliable, but many people suffer from these errors:

I have waited for literally 1 week and still it doesn’t works. Sometimes on refresh it works and suddenly, it does not work. When I go to continue (When both records were validated) just on clicking continue, the error appeared again.

Unusual problem, that’s why decided to shift to Cloudflare.

The reason why we don’t do HTTP verification is that it just doesn’t work. The browser validation system blocks Let’s Encrypt’s verification attempts. I agree that a HTTP verification system would be MUCH more simple for users (because it wouldn’t require any manual action for the verification), but it just isn’t possible.

So DNS based validation is the only method that will work at all. There is simply no alternative.

If HTTP verification did work for you, that’s probably because you’re using Cloudflare. But directing people to use Cloudflare and set up their DNS records there, only to avoid them having to setup DNS records with us, doesn’t seem like a very practical solution.

That’s usually caused by bad nameserver configuration on your domain. If you are using ns1.epizy.com and ns2.epizy.com, you shouldn’t have this issue. If you are using non-existent nameserers (e.g. ns3-5.epizy.com), are using broken nameservers (byet.org) or have mixed in the nameservers of other providers, you’ll have random failures like this.

We’re doing our best to catch as many errors as possible automatically and provide useful feedback, but people find more creative ways to mess up their DNS configuration than we can build checks for.


I enforce Cloudflare full (strict) mode,and free ssl tool helps me :smiley: