Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

How to Get SSL? | Even on subdomains!

Hi Guys!
I'm Rana Khashif Sarfraz. I joined Infinityfree a week ago. I found that many peoples on Infinityfree forums talking about SSL certificate for free. Most of them don't know how to install Let's Encrypt on infinityfree, so, I decided to write an article on forums so just follow my steps.
1. Cloudflare
1. Sign Up for Infinityfree
2. Transfer your domain to Infinityfree by changing nameservers
3. Sign Up for Cloudflare
4. Transfer your domain to Cloudflare by changing nameservers
5. Your Site will not affected by changing nameservers
6. Goto Crypto and SSL security and select Flexiable
7. Congrats you have install SSL
But Cloudflare SSL are not for your domain it is common name issued to sets of domains and are specified to some browsers but it is easy.

  1. Let's Enrypt
    1. Sign Up for Infinityfree
    2. Transfer your domain to Infinityfree by changing nameservers
    3. Sign Up for Cloudflare
    4. Transfer your domain to Cloudflare by changing nameservers
    5. Wait it is the same steps chill bro wait for next steps
    6. Goto www.sslforfree.com
    7. a) Enter your domain
      b) Select Manually Verify Domain (DNS)
      c) It will give you some TXT records to
      d) Copy Them
    8. Goto Cloudflare and select DNS mangement
    9. Paste the Records(TXT) that you copy
    10. It will give you private key and certificate
    11. Open cPanel select SSL/TLS
    12. Select your domain
    13. Upload Key First
    14. Upload Certificate
    15. Congrats you installed the certificate
      the above mentioned are the only ways of getting SSL/TLS for free on free hosting using Infinityfree.
      Note: By the use of second step repeat the same steps for subdomains as for main domain
      Note2: By using Cloudflare add A record of subdomains pointing towards your IP and enable traffic through CloudFlare
      Congrats it's enable! Hope you enjoy!

Comments

  • @Ranakhas said:
    Hi Guys!
    I'm Rana Khashif Sarfraz. I joined Infinityfree a week ago. I found that many peoples on Infinityfree forums talking about SSL certificate for free. Most of them don't know how to install Let's Encrypt on infinityfree, so, I decided to write an article on forums so just follow my steps.
    1. Cloudflare
    1. Sign Up for Infinityfree
    2. Transfer your domain to Infinityfree by changing nameservers
    3. Sign Up for Cloudflare
    4. Transfer your domain to Cloudflare by changing nameservers
    5. Your Site will not affected by changing nameservers
    6. Goto Crypto and SSL security and select Flexiable
    7. Congrats you have install SSL
    But Cloudflare SSL are not for your domain it is common name issued to sets of domains and are specified to some browsers but it is easy.

    1. Let's Enrypt
      1. Sign Up for Infinityfree
      2. Transfer your domain to Infinityfree by changing nameservers
      3. Sign Up for Cloudflare
      4. Transfer your domain to Cloudflare by changing nameservers
      5. Wait it is the same steps chill bro wait for next steps
      6. Goto www.sslforfree.com
      7. a) Enter your domain
        b) Select Manually Verify Domain (DNS)
        c) It will give you some TXT records to
        d) Copy Them
      8. Goto Cloudflare and select DNS mangement
      9. Paste the Records(TXT) that you copy
      10. It will give you private key and certificate
      11. Open cPanel select SSL/TLS
      12. Select your domain
      13. Upload Key First
      14. Upload Certificate
      15. Congrats you installed the certificate
        the above mentioned are the only ways of getting SSL/TLS for free on free hosting using Infinityfree.
        Note: By the use of second step repeat the same steps for subdomains as for main domain
        Note2: By using Cloudflare add A record of subdomains pointing towards your IP and enable traffic through CloudFlare
        Congrats it's enable! Hope you enjoy!

    Hi, I've tried sslforfree.com before but it was a bad experience.
    My website was flagged as Unsecure because it's a Self-Signed certificate.

    It has been a few years ago since I tested it.
    I will try it again and verify is it legit or not.

    Thanks for sharing.

  • null
    @PlanetGamingGG actually sslforfree.com didn't give you the certificate themselves they give you the Let's Encrypt signed certificate.
  • @Ranakhas said:
    null
    @PlanetGamingGG actually sslforfree.com didn't give you the certificate themselves they give you the Let's Encrypt signed certificate.

    Got this error : ERR_CERT_AUTHORITY_INVALID
    Sigh Any advice?

    Why did I censor my domain?
    Admin will not like it if that domain was showed to anyone else :cold_sweat:

  • No ssl certificates will work from websites such as sslforfree.com if you have a free account, for some reason. Try using cloudflare, it will be available on cpanel.

    Cloudflare gives you:
    -SSL
    -JS and CSS caching (makes your website load faster)
    -Development & Attack mode
    -And other things

    All for free! You can also buy a paid account there, to get access to even more features.

    Hope it helps!

  • @Freeranger said:
    No ssl certificates will work from websites such as sslforfree.com if you have a free account, for some reason. Try using cloudflare, it will be available on cpanel.

    Cloudflare gives you:
    -SSL
    -JS and CSS caching (makes your website load faster)
    -Development & Attack mode
    -And other things

    All for free! You can also buy a paid account there, to get access to even more features.

    Hope it helps!

    Yes but my site is diffrent and if I used cloudflare (tested it before) it will break it!
    But now the SSL works fine.

  • While I'm using let's encrypt ssl on my accounts.
  • Dear sir
    I want to get certificate via let'sencrypte but I have tried by your method there's one problem in cloud flare couldn't copy paste that txt record from ssl.com because there's showing message below
    DNS Records

    Your DNS zone file is hosted by Byethost, a Cloudflare partner. Changes to your DNS settings must be made through the Byethost website

    Verification TX

  • Well,
    As a matter of fact,
    I successfully inserted my letsencrypt certificate, It's legit I really inserted my cert!
    The only thing that I can't insert is my wild card ssl certificate!

    BTW @Admin can we pm each other about ssl? because of something
  • @UnknownLolz said:
    Well,
    As a matter of fact,
    I successfully inserted my letsencrypt certificate, It's legit I really inserted my cert!
    The only thing that I can't insert is my wild card ssl certificate!

    BTW @Admin can we pm each other about ssl? because of something

    If it's a very important message about a sensitive system issue, you can send an email to hello@infinityfree.net. But know that any support questions like "can you set up my SSL" or "why do you block sslforfree.com" will be rejected.

    PMs are not enabled on this forum because it was only used by people to send support requests to me.

  • Well,
    I can't really say it's so important but it just about I want to talk with you about your web hosting ssl, because you are using the cloudeflare free ssl without your common name (e.g. infinityfree.net). This is just all about your current ssl now that you are using the shared ssl....
    So I can't really say that it's so important. But if you are curios is it okay if I question you about this?
  • @UnknownLolz said:
    Well,
    I can't really say it's so important but it just about I want to talk with you about your web hosting ssl, because you are using the cloudeflare free ssl without your common name (e.g. infinityfree.net). This is just all about your current ssl now that you are using the shared ssl....
    So I can't really say that it's so important. But if you are curios is it okay if I question you about this?

    Send your question over! Vaguely describing your question here won't get it answered.

  • edited April 24

    @PlanetGamingGG
    Hi, I've tried sslforfree.com before but it was a bad experience.
    My website was flagged as Unsecure because it's a Self-Signed certificate.

    It says Self-Signed cause you haven't uploaded your CA_Bundle.
    CA_Bundle is the one that verifies your ssl if it was issued by a trsuted CA.
    And also the ca bundle is given to you by the certificate authority.

    For Example:
    You get an ssl from Comodo and the CA_Bundle is just like your csr and private key but the common name of it is the CA's Domain and the CA_Bundle will verify your legitimate ssl certificate!

    And also if you are concerned about these, I have a topic where you can just add an htaccess code to verify your ssl that it was issued from a trusted ca,
    It works fine for me,
    I also have encountered your problem too but I just add this htaccess code and the browser finally trust my ssl cert!

    Here's the code:

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

  • @UnknownLolz said:

    @PlanetGamingGG
    Hi, I've tried sslforfree.com before but it was a bad experience.
    My website was flagged as Unsecure because it's a Self-Signed certificate.

    It says Self-Signed cause you haven't uploaded your CA_Bundle.
    CA_Bundle is the one that verifies your ssl if it was issued by a trsuted CA.
    And also the ca bundle is given to you by the certificate authority.

    For Example:
    You get an ssl from Comodo and the CA_Bundle is just like your csr and private key but the common name of it is the CA's Domain and the CA_Bundle will verify your legitimate ssl certificate!

    And also if you are concerned about these, I have a topic where you can just add an htaccess code to verify your ssl that it was issued from a trusted ca,
    It works fine for me,
    I also have encountered your problem too but I just add this htaccess code and the browser finally trust my ssl cert!

    Here's the code:

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    Please note that what @UnknownLolz wrote here is not correct.

    CA bundles are not supported on free hosting but modern browsers don't need them either. A browser either trusts a certificate or it doesn't, and you can't make a browser trust a bad certificate using codes on your website. What would the internet look like if a phisher could make his website look trusted by adding a few lines of code?

    What likely happened in @UnknownLolz case, the certificate was installed correctly but the browser cached the old, invalid certificate. The fact that the website worked after adding the .htaccess codes was purely coincidental.

  • @Admin said:

    @UnknownLolz said:

    @PlanetGamingGG
    Hi, I've tried sslforfree.com before but it was a bad experience.
    My website was flagged as Unsecure because it's a Self-Signed certificate.

    It says Self-Signed cause you haven't uploaded your CA_Bundle.
    CA_Bundle is the one that verifies your ssl if it was issued by a trsuted CA.
    And also the ca bundle is given to you by the certificate authority.

    For Example:
    You get an ssl from Comodo and the CA_Bundle is just like your csr and private key but the common name of it is the CA's Domain and the CA_Bundle will verify your legitimate ssl certificate!

    And also if you are concerned about these, I have a topic where you can just add an htaccess code to verify your ssl that it was issued from a trusted ca,
    It works fine for me,
    I also have encountered your problem too but I just add this htaccess code and the browser finally trust my ssl cert!

    Here's the code:

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    Please note that what @UnknownLolz wrote here is not correct.

    CA bundles are not supported on free hosting but modern browsers don't need them either. A browser either trusts a certificate or it doesn't, and you can't make a browser trust a bad certificate using codes on your website. What would the internet look like if a phisher could make his website look trusted by adding a few lines of code?

    What likely happened in @UnknownLolz case, the certificate was installed correctly but the browser cached the old, invalid certificate. The fact that the website worked after adding the .htaccess codes was purely coincidental.

    And also I think Admin is right about my answer so I shouldn't be sharing this code back over and over again lol

    But still you can try the code yourself if you are curios

  • @UnknownLolz said:

    @Admin said:

    @UnknownLolz said:

    @PlanetGamingGG
    Hi, I've tried sslforfree.com before but it was a bad experience.
    My website was flagged as Unsecure because it's a Self-Signed certificate.

    It says Self-Signed cause you haven't uploaded your CA_Bundle.
    CA_Bundle is the one that verifies your ssl if it was issued by a trsuted CA.
    And also the ca bundle is given to you by the certificate authority.

    For Example:
    You get an ssl from Comodo and the CA_Bundle is just like your csr and private key but the common name of it is the CA's Domain and the CA_Bundle will verify your legitimate ssl certificate!

    And also if you are concerned about these, I have a topic where you can just add an htaccess code to verify your ssl that it was issued from a trusted ca,
    It works fine for me,
    I also have encountered your problem too but I just add this htaccess code and the browser finally trust my ssl cert!

    Here's the code:

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    Please note that what @UnknownLolz wrote here is not correct.

    CA bundles are not supported on free hosting but modern browsers don't need them either. A browser either trusts a certificate or it doesn't, and you can't make a browser trust a bad certificate using codes on your website. What would the internet look like if a phisher could make his website look trusted by adding a few lines of code?

    What likely happened in @UnknownLolz case, the certificate was installed correctly but the browser cached the old, invalid certificate. The fact that the website worked after adding the .htaccess codes was purely coincidental.

    And also I think Admin is right about my answer so I shouldn't be sharing this code back over and over again lol

    But still you can try the code yourself if you are curios

    That .htaccess code should enforce a redirect to make sure all visitors always use HTTPS on your site. That said, your code might break on particular circumstances (e.g. when using poorly configured Cloudflare or if we change some server settings on our end), which is why we recommend slightly different code: https://infinityfree.net/support/how-to-force-all-traffic-to-https/

This discussion has been closed.