How Your Free SSL Certificate Works

Every Porkbun domain comes with a free Let's Encrypt SSL certificate that will renew automatically if you're using Porkbun as your DNS provider. Better yet, if your site is hosted with us, you don't have to do anything at all as your free SSL certificate will generate and install automatically!

This guide will show you how to manually generate a certificate on your domains that aren't already set up with one. We'll also show you how to download the SSL certificate so you can use it on another web hosting server.

How to Generate an SSL Certificate

Log in. You should arrive at the Domain Management screen. If you're already logged in, click on ACCOUNT in the top-right corner and select "Domain Management" from the list.

Locate the domain you're creating an SSL certificate for. One way to see whether or not your domain has an SSL certificate already is to look for the shield icon to the left of your domain.

Select the "Details" button to open the details menu for your domain. On the menu that appears, click on the edit icon next to "SSL".

SSL certificate option in domain details menu

That's it! You'll see a menu letting you know that we've begun generating your SSL certificate. You can navigate away from this page and we'll handle the rest. You should be able to return to this page in 1-2 hours and see the certificate successfully applied to the domain.

SSL certificate generation menu

⚠️️ Note

You may see some error messages if you return to this page before the SSL certificate finishes generating. Those are normal! If your domain's SSL certificate doesn't finish generating after 24 hours, reach out to support for assistance.

How to Download Your SSL Certificate

If you're using web hosting from an external provider and they don't provide you with an SSL certificate for your website, you can always download our free SSL certificate so you can upload it to your host's server. This works great for self-hosting too! Just keep in mind you'll need to set up something like Certbot in order to keep the certificate renewed automatically.

Navigate to the SSL certificate page for your domain. If the certificate has already been created, click on the shield icon to the left of your domain to get there quickly.

Click on the "Download SSL Bundle" button to download the certificate for your domain.

Your browser will download a .zip file that contains all necessary certificates to secure your website in .pem format. Do not share this file with anyone! You can install the .pem certificates in any modern web server. Instructions will vary by vendor.

Are Let’s Encrypt Certificates Secure vs Traditional Certificates?

Yes! Your Let's Encrypt certificate is just as valid as a traditional one-year SSL certificate. They are universally recognized by all modern browsers and allow your site to display the green padlock symbol in your URL bar that indicates the connection is encrypted. Whether you're running an e-commerce site or just want to assure your visitors that their connection is private, your Let's Encrypt certificate gets the job done.

How a Let's Encrypt SSL Certificate Differs From Traditional Certificates

If you have hosting with Porkbun, you will notice no difference! Your SSL certificate will be automatically generated and installed on your website.

If your web hosting isn't with us, you can still use our Let's Encrypt certificates so long as you continue to use our nameservers. You should note, however, that Let’s Encrypt SSL certificates last for 90 days and are renewed every 75 days. That means that every 75 days, a new certificate is generated and you have a 15-day grace period to download it and install it into your web server. If you're running your own web server, you may prefer to install Certbot, instead, as it's a lot less hassle over time.

Please note that in order for Let's Encrypt certificates to be automatically generated, you also need to be using Porkbun's DNS service. If you've assigned 3rd-party nameservers to your domain, Let's Encrypt SSL certificate generation will fail. Unfortunately, we are unable to generate certificates when you're using 3rd-party nameservers. However, there is a 3rd-party service (not affiliated with Porkbun) which allows you to easily do the exact same thing, no login required. Just visit this link:

SSL For Free

Finally, your web host may have their own implementation of Let's Encrypt, so it may be worth checking with them to see if they already have an automated solution in place.