Let’s Encrypt is a free to use tool that allows creation, management and auto-renewal of SSL certificates for web applications, services or any other apps where secure data transportation is needed.

“Acronis is directly responsible for saving our company 1200 hours per year for IT operations staff in backup and recovery workflows.” CIO, high performance IT company.
Read details in a report by Forrester.

However, there are few things that should be kept in mind when you are considering using Let’s Encrypt certificates as compared to any other traditional SSL Certificate through a Certificate Authority (CA) like Comodo.

  • The certificate has a validity of 90 days only at a time and it may be even less in future.
  • No easy installation wizard is available for it.
  • Let’s Encrypt needs a certificate management agent for operating on the same server that will handle requests related to that domain.

How to set up Let’s Encrypt certificate on a Windows server?

1. To begin with, you require a Let’s Encrypt client that speaks the Automated Certificate Management Environment (ACME) protocol. Let’s Encrypt client will utilize it for interacting with any CA supporting the ACME Protocol. ACME protocol is based upon JSON over HTTPS.

Therefore, firstly you need to download Windows ACME Client. I used Version 1.9.6 compiled zip.


Extract it on the server in a directory where it can reside permanently.

2. Next, you can deploy an SSL Certificate for your IIS web server. After downloading and extracting the Windows ACME Client to a directory, you need to run exe with administrative rights.

You will need to provide an email address so that the renewals can be taken care of.

Press Enter Key.

It will show Menu options. Select ‘N’ and Press Enter key.

Choose menu option: 1 for Single binding of IIS site and Press Enter key.

Select Website ID where you want to Install SSL certificate and Press Enter key.

Choose verification method and Press Enter key.

Next, you will have to accept the Terms and Conditions. Type ‘y’ and enter.

Now you will be asked to choose which binding you want to generate the SSL for:

i.e. it is www.znetindia.net. So chose option 1

3. Lastly, as a final step, these are things you should know:

a. You have a date on which the certificate will become outdated, note it somewhere.

b. For renewing this certificate, a scheduled task has been set for 60 days’ time period on this machine.

c. Certificate Store is the place where the certificate is deployed.

d. The IIS website has an https binding now.

ZNetLive provides free Let’s Encrypt certificates with its shared hosting service.

In case you have any query regarding this writeup or regarding SSL certificates, let me know via comments section. I’ll be happy to answer.

“Before the Acronis implementation, there was a huge risk that malware could take down our company. Now, with Acronis, I can say that we’ve done everything possible to protect our data from an attack.” CIO, high performance manufacturing company.
Read details in a report by Forrester.

Services ZNetLive offer:

Domain Name Registration

Best Shared Hosting

WordPress Hosting Plan

VPS Hosting Plans

Buy Dedicated Server