If you want an SSL certificate that’s trusted by browsers, it must be provided by a known SSL certificate provider, also called Certificate Authority. InfinityFree integrates with multiple SSL providers, because different SSL providers are better suited for some circumstances. This article details the various options we support, and which we recommend for you.

Which SSL providers are available?

Let’s Encrypt

Let’s Encrypt is the world’s largest SSL certificate provider. Let’s Encrypt changed the world by offering free SSL certificates to everyone, and by focusing on short lived certificates and automation. Let’s Encrypt does not provide any paid services, they are a non-profit sponsored by browser makers, hosting providers and other companies trying to make the internet safer.

Features

• Certificates are valid for 90 days.
• Easy renewal process (only need to setup CNAME record once, which can be reused on renewal).
• Usually issued in around 30 seconds.
• Trusted by most modern web browsers.

Who should use it?

We recommend Let’s Encrypt to everyone who hosts their own domain name with us. Let’s Encrypt’s setup process is fast, easy and reliable and their certificates are well known and trusted.

Google Trust

Google provides a wide range of services, including various products for security. They recently added free SSL certificates to their portfolio.

Features

• Certificates are valid for 90 days.
• Easy renewal process (only need to setup CNAME record once, which can be reused on renewal).
• Usually issued in around 30 seconds.
• Trusted by most modern web browsers.

Who should use it?

We recommend Google Trust if you are having issues with Let’s Encrypt, for example if you have reached the limit on the number of certificates per domain name you can get.

ZeroSSL

ZeroSSL is a free SSL certificate provider. They typically charge extra if you want advanced certificates with more domains or longer lifetime, but they provide free SSL certificates valid for 90 days.

Features

• Certificates are valid for 90 days.
• Easy renewal process (only need to setup CNAME record once, which can be reused on renewal).
• Usually issued in around 10 minutes
• Trusted by most modern web browsers.

NOTE: We are experiencing many random errors and rate limiting issues with ZeroSSL. We do still provide it as an option, but recommend other SSL providers if possible.

Who should use it?

You can use ZeroSSL if you are having issues with Google Trust or Let’s Encrypt. We recommend both of those for most users.

Who should use it?

If you are using Cloudflare on your domain, we recommend a Self Signed certificate along with Cloudflare’s Full SSL mode. Full SSL mode provides a good balance between security and easy of use. It’s more secure than Flexible SSL, but doesn’t require regular SSL certificates like with “Full (strict)” mode.

Which SSL provider should I use?

If you are using Cloudflare on your domain, we recommend configuring Cloudflare with Full SSL, and just using the default self-signed certificate.

If you do not use Cloudflare, we recommend using Let’s Encrypt.

Do I have to choose one of these providers?

No, you are free to obtain your own SSL certificate to use here. For example, because you want a certificate that’s valid for a full year.

You can generate a private key and CSR from the control panel, and use the CSR to obtain the SSL certificate. Alternatively, you can let the SSL provider generate the private key and certificate for you, which you can then upload through the control panel.

Hello everyone,

I write to ask about the ssl certificate…

I wonder wich kind of issues can happend for errors on the uploading of the keys or the certificate.

Can we see this in detail please?

And another question, sorry my confusion, opening an account with infinityfree we get a domain or a subdomain?

When you use the SSL certificates provided by us and use the automatic installation, there is very little than can go wrong. Sure, they may be the odd glitch that causes it to fail, but usually just retrying it fixes the issue.

When you bring your own private key and/or certificate, a lot more can go wrong, like the private key type is not supported and the domain name in the certificate is incorrect. I don’t have an exhaustive list of all the things you could possibly do wrong. And neither of needs it, because you won’t see those issues when using our Free SSL Certificates tool.

We can provide you with a free subdomain, or you can bring your own domain. We don’t provide any domain registration services ourselves.

But that question is not related to the current topic. Please keep the comments on this documentation article about this article. If you have other questions, please ask them in a more appropriate place, such as the relevant article, or a separate topic.

I support Google trust.

This article is describing which free SSL providers InfinityFree “supports”, that is to say, which ones are integrated in InfinityFree’s Free SSL tool, and known to work with free hosting.
That said, good to hear that Google Trust (usually the default option) works fine for you!

Due to the SSL changes, should we either update or archive this article?

Custom domains on free hosting still need a SSL certificate, so it’s still needed.