Let’s Encrypt is a free to use tool that allows creation, management and auto-renewal of SSL certificates for web applications, services or any other apps where secure data transportation is needed.
However, there are few things that should be kept in mind when you are considering using Let’s Encrypt certificates as compared to any other traditional SSL Certificate through a Certificate Authority (CA) like Comodo.
- The certificate has a validity of 90 days only at a time and it may be even less in future.
- No easy installation wizard is available for it.
- Let’s Encrypt needs a certificate management agent for operating on the same server that will handle requests related to that domain.
AI-powered Backup Solution
Unmatched Backup Features from Future
How to set up Let’s Encrypt certificate on a Windows server?
1. To begin with, you require a Let’s Encrypt client that speaks the Automated Certificate Management Environment (ACME) protocol. Let’s Encrypt client will utilize it for interacting with any CA supporting the ACME Protocol. ACME protocol is based upon JSON over HTTPS.
Therefore, firstly you need to download Windows ACME Client. I used Version 1.9.6 compiled zip.
Extract it on the server in a directory where it can reside permanently.
2. Next, you can deploy an SSL Certificate for your IIS web server. After downloading and extracting the Windows ACME Client to a directory, you need to run exe with administrative rights.
You will need to provide an email address so that the renewals can be taken care of.
Press Enter Key.
It will show Menu options. Select ‘N’ and Press Enter key.
Choose menu option: 1 for Single binding of IIS site and Press Enter key.
Select Website ID where you want to Install SSL certificate and Press Enter key.
Choose verification method and Press Enter key.
Next, you will have to accept the Terms and Conditions. Type ‘y’ and enter.
Now you will be asked to choose which binding you want to generate the SSL for:
i.e. it is www.znetindia.net. So chose option 1
3. Lastly, as a final step, these are things you should know:
a. You have a date on which the certificate will become outdated, note it somewhere.
b. For renewing this certificate, a scheduled task has been set for 60 days’ time period on this machine.
c. Certificate Store is the place where the certificate is deployed.
d. The IIS website has an https binding now.
ZNetLive provides free Let’s Encrypt certificates with its shared hosting service.
In case you have any query regarding this writeup or regarding SSL certificates, let me know via comments section. I’ll be happy to answer.
Services ZNetLive offer:
Umesh, Team Lead – Technical, is a Microsoft products’ expert with enviable certifications like RHCE, MCPS, MCSA and MCSE. An excellent team player, he utilizes his expertise of over 7 years in the technical sphere to handle technical issues brilliantly and dedicatedly value adds to the system administration and management fields. He can be seen drawing or playing chess in free time.