You should always protect all of your websites with HTTPS, even if they don't handle sensitive communications. Aside from providing critical security and data integrity for both your websites and your users' personal information, HTTPS is a requirement for many new browser features, particularly those required for progressive web apps.
Kayce Basques, Technical Writer, Chrome DevTools & Lighthouse
A bit of history
With the development of telecommunication technologies, in particular, the Internet, the task of providing users with safe access to information resources has become urgent, which allows to avoid the cryptographic attack "man in the middle". One of the ways to solve it is a certification mechanism for information exchange participants. In order to ensure the interoperability of various software and hardware products (cryptographic information protection tools) used in such application services (WWW, e-mail, user authentication systems, etc.), a standard was created that describes the certificate format, which was first published by ITU-T in 1988 as part of the X.500 recommendations. It was X.509 v1. In 1993, 2 fields were added to the description of the certificate standard, which led to the emergence of X.509 v2, and a little later a third version of the standard appeared - X.509 v3.
What we colloquially call SSL certificates is technically X.509 certificates. The term "SSL certificate" was widely used due to the adaptation of Netscape's X.509 certificate format (one of the X.500 ITU directory services standards) when the company developed original versions of the SSL (Secure Socket Layer) protocol in those prehistoric times when the world was still young, dinosaurs roaming the planet, and the Internet was a friendly place. The term "SSL certificate" is preserved and, most likely, it will remain in the foreseeable future, since when pronouncing "SSL certificate" and "X.509 certificate", the first of the phrases is easier to pronounce. Of course, linguistic experts will be able to justify this wonderfully, referring to the fact that S sounds much more lyrical than X. For us, mere mortals, the main advantage of the first phrase is that it is shorter (faster to read and pronounce).
There are more and more sites in the world that need SSL certificates to switch to the HTTPS protocol. In order to simplify the scheme of obtaining certificate keys, this service was developed. It allows you to generate your own Wildcard certificate for your domain and its subdomains for 3 months in a few minutes (depending on the time of updating the DNS servers). Our site does not transfer information and personal data to third parties, and also requires confirmation of registration, which is a measure of protection against spam and bots. For all questions of interest, you can contact customer support.
Wildcard certificate - certificate that can be used with several subdomains of a domain (subdomains). For instance: Wildcard certificate *.example.com will work on test.example.com, mail.example.com, www.example.com and others, which are subdomains of example.com. Do not forget that this certificate works on one level of subdomains.
You can use this manual by switching between the menu tabs, after closing the tab, the data is saved on it (if you do not refresh the page), only scrolling is reset.
- First you need to register an account in your cabinet and confirm it by email
- After registering and entering the site, you can start generating a certificate in the management section of your cabinet
- Having reached the item "Required DNS TXT record..." you need to add or replace 2 DNS TXT records of your domain, wait for these records to be updated on all DNS servers, after which you can continue the process of generating a certificate in your cabinet
- At the end of the generation, you should see information about the certificate readiness. At this point, in your account, you can download the archive with the certificate files or send it to the mail that was linked to your account after registering on the site
- The resulting files in the archive can be used on various hosting services, web servers or other applications where the SSL protocol is used.
Questions and answers
Question: Where to edit DNS TXT domain records?
Answer: DNS TXT records are edited on your hosting, usually there is a special service such as a DNS master or similar, where you can edit A, MX, TXT and other domain records. If there is no such service on the hosting, we recommend contacting the hosting support service.
Вопрос: What TTL to set when adding DNS TXT domain records?
Ответ: TTL (Time to live) - the lifetime of a data packet in the IP protocol or in simple words: how long the DNS record will be relevant, set in seconds, after the time has expired, the record is updated. It is recommended to specify from 5 to 60 (seconds).
Вопрос: Сколько доменов может быть на аккаунте?
Ответ: For security reasons, you can use only one domain per account and bind it only to one mailbox (E-mail). To generate a certificate for another domain, register a new account and link it to another mail.
The section will be updated as necessary.