How to use your free SSL certificate
Every Porkbun account comes with a free Let's Encrypt SSL certificate that will renew automatically if you're using Porkbun as your DNS provider. Better yet, if your site is hosted with us, you don't have to do anything at all to add SSL security: the certificate will generate and install automatically!
How to retrieve your SSL certificate
Don't want to host your website at Porkbun? No problem! You can still get an SSL from us as long as you are using our nameservers. To download your certificate, click the "Details" button in Domain Management. Then click the "Edit" link next to SSL.
Once the certificate is ready, click "Download SSL Bundle":
Your browser will download a .zip file that contains all necessary certificates to secure your website in .pem format. Do not share this file with anyone! You can install the .pem certificates in any modern web server. Instructions will vary by vendor.
How a Let's Encrypt certificate is similar to a traditional certificate
Let's Encrypt certificates are just as valid as a traditional one-year certificate. They are universally recognized by all modern browsers and allow your site to display the green padlock symbol in your URL bar that indicates the connection is encrypted. Whether you're running an e-commerce site or just want to assure your visitors that their connection is private, your Let's Encrypt certificate gets the job done.
How a Let's Encrypt SSL certificate differs from a traditional certificate
If you have hosting with Porkbun, you will notice no difference! Your certificate will be automatically generated and installed on your website.
If your hosting isn't with us, you can still use our Let's Encrypt certificates so long as you continue to use our nameservers. However, you should note that they last for 90 days and are renewed every 75 days. That means that every 75 days, a new certificate is generated and you have a 15 day grace period to download it and install it into your web server. If you're running your own web server, you probably just want to install Certbot instead, it's a lot less hassle over time.
Please note that in order for Let's Encrypt certificates to be automatically generated, you also need to be using Porkbun's DNS service. If you've assigned 3rd-party nameservers to your domain, Let's Encrypt certificate generation will fail. Unfortunately, we are unable to generate certificates when you're using 3rd-party nameservers. However, this 3rd-party service (not affiliated with Porkbun) allows you to easily do the exact same thing, no login required. Just visit this link:
Finally, your web host may have their own implementation of Let's Encrypt, so it may be worth checking with them to see if they already have an automated solution in place.