It could work, using the MOFH Api you created, then accessing the users file (By matching domain to username) and finding the file, but I am not sure how the Api work’s exactly/If this would be possible, Hence making it a lot easier just to add a file, say .verification and then add some random text to verify against, but i’m not sure how the ACME server’s work, and whether this verification would be accepted.
If infinityfree provides SSL certificates with CNAME verification I don’t see any inconvenience to switch. However, there are companies that already have a certificate and it may be the case:
- Have your own certificate
- Have a certificate already purchased from other entities such as cloudflare
-
- Have 24h support
- Distrust of a free SSL
- Have a good reputation over time.
- They can have a specialty (extra security and others) that does not have infinityfree
They can be for many reasons
Nobody is 24 hours online, if they are they don’t have much time to respond to people who are seeking for help, Also with hiring it’ll require lots of money to be spent on it.
Sorry.
There are simply companies that use security important. It may not make sense to have it in the free zone like infinityfree.
I don’t know why you keep trying to strike up arguments with people who provide you Free Hosting, Or the Moderators, who know this service like the back of their hand, This isn’t like Google / Microsoft, this is all free. Not payed. Free.
5 Likes
True
If you have a VPS/localhost & want to try it, you can simply use Certbot (GitHub). Make use of it by using shell script.
I’ve been using the free SSL from Infinityfree for almost 3 certificates now (7-8 months) I really like it and haven’t had any trouble renewing/reinstalling every three months.
The 30 day reminder is another good thing, you don’t have to worry about your site SSL expiring when you choose to be reminded. Free SSL is a huge benefit from a free webhosting provider and greatly appreciated, thank you very much 
6 Likes
A HTTP based verification would make everything easier. Unfortunately, the browser Javascript challenge prevents Let’s Encrypt from accessing the verification URLs, so DNS based validation is the only feasible option.
Which is completely unfounded by the way. There is absolutely no security difference between a regular domain verification certificate, like those from Sectigo, and Let’s Encrypt.
The only difference is that Let’s Encrypt certificates are valid for three months, while those from Sectigo are valid for one or two years. But short lived certificates are actually safer, because if the certificate or private key gets leaked, a short lived certificate means there is less risk to do harm with it. It’s no coincidence that the CA/Browser Forum (the group responsible for determining the standards for HTTPS) is banning long lasting certificates in the first place.
So what about Extended Validation certificates? Those are a waste of money too. Security exporter Troy Hunt wrote a very good article about this: Troy Hunt: Extended Validation Certificates are Dead
There is really no benefit to paying for SSL certificates, except for keeping the companies relying on an obsolete business model alive.
7 Likes
if we want to renew SSL certificate then do we have to pay ?
Free on infinity…
4 Likes
No, you can request as many as you like for the same domain!
5 Likes
I think its amazing like the service
4 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.