The story behind FreeSSL.tech
Google Chrome, Mozilla Firefox, Opera – all the major browsers are enforcing more strict security policies to protect internet users. Since January 2017, Google Chrome is flagging ‘Not secure’ websites with a password or credit card input field but don’t have HTTPS. From October 2017, Google Chrome started to display ‘Not secure’ text on all HTTP pages that accept any user inputs. Since July 2018, Google Chrome flags all the websites as ‘Not secure’ that don’t have an SSL certificate installed, even if that doesn’t accept user input. Starting from October 2018, Google Chrome will flag the ‘Not secure’ text in red when a user starts typing in an input field.
Firefox displays a lock icon with a red strike-through on the login form that depends on the non-https protocol. Firefox shows this warning message if a user clicks on the login form: “This connection is not secure. Logins entered here could be compromised.”
Opera displays ‘Login not secure’ when a user clicks on a web page’s username/password field, which is not secured with HTTPS.
However, purchasing an SSL certificate may cost you more or less $47 per certificate per year, which is a massive burden for small businesses and personal bloggers, especially with multiple websites.
On the other hand, most of the available Let’s Encrypt clients developed for developers.
Anindya Sundar Mandal, the lead developer of FreeSSL.tech, realized the necessity of a Let’s Encrypt client/app, friendly even for less tech-savvy users.
cPanel has a solution ‘AutoSSL’. But all cPanel users don’t have ‘AutoSSL.’ Availability of ‘AutoSSL’ depends on the web hosting provider’s business policy. WHM has an option to enable or disable ‘AutoSSL’ for a specific user or package.
So, there was no 3rd party Let’s Encrypt client for cPanel to do complete automation (including SSL certificate installation) in a shared hosting environment, where the user doesn’t have root access.
That’s why we have developed the ‘FreeSSL.tech Auto‘ app and ‘Auto-Install Free SSL‘ WordPress plugin, which you may use in shared hosting cPanel. The app and WordPress plugin do complete automation, including SSL certificate installation. They need the SSL installation feature enabled in the cPanel. Otherwise, they still issue/renew a free SSL certificate by an automated process and send the user automated email with necessary information; but don’t install the SSL certificate. You need to manually install the SSL certificate with the help of your web hosting provider. The automatic email informs the user about the SSL certificate path, private key, and CA bundle (which is above the public_html). The user needs to copy the text from the email and send it to the web hosting provider with the SSL installation request.
We have posted detailed documentation to help the less tech-savvy users.