This certificate authority post is presented by Eversign.
Over the years, web developers have complained about the costs and hassles associated with establishing a trusted security certificate for their websites. A certificate essentially vouches for a site’s safety. One service, building a client base and updating its wares since 2016, aims to make these tasks not only easy, but free. Enter the latest version of ZeroSSL.
Standard SSL (Secure Sockets Layer) protocols establish an encrypted link for data transfer between server and client, like a web server and web browser or a mail server and mail client (e.g., Gmail or Outlook). It makes online shopping secure, for example, and is a requirement for such transactions. A trusted certificate also keeps search engines from listing your site as “not secure.” So if you want to establish trust with your users, get a certificate.
ZeroSSL: Key elements
Having become a trusted certificate authority (aka CA) itself, ZeroSSL makes it easy and affordable to create SSL certificates. It bills itself as the first real alternative to Let’s Encrypt, the free, automated certificate authority the nonprofit Internet Security Research Group (ISRG) provides.
ZeroSSL offers free SSL certificates through an easy-to-navigate user interface and application programming interface. It launched the service in partnership with an existing CA, making ZeroSSL a trusted sub-authority.
Additional points to keep in mind about the service:
- Unlike Let’s Encrypt, ZeroSSL doesn’t just offer an API and ACME (automated certificate management environment) working with 90-day certificates. Its easy-to-use API allows users to create both 90-day- and one-year-validity certificates through a simple process.
- As it tests its own ACME server in beta, the company now automates certificate issuance for all existing ACME and Let’s Encrypt clients. That makes ZeroSSL a plug-in alternative to Let’s Encrypt’s ACME.
- ZeroSSL offers single-domain, multi-domain and wildcard certificates for free through ACME. It also allows users to create one-year certificates with an affordable subscription plan.
- In addition to ACME, ZeroSSL offers a REST (representational state transfer) API to issue certificates automatically, cutting down on manual tasks.
- Another point distinguishes ZeroSSL from Let’s Encrypt. ZeroSSL enables users to validate domain ownership via email, not just through the Domain Name System (DNS). That makes it easy to quickly issue certificates via the UI.
Simplicity and affordability
Not every web developer trusts a third-party service with CA tasks, because the developer can’t necessarily see and verify every detail when a service has taken over the tasks. But if you value saving both effort and money, you might consider taking the easy path with ZeroSSL.