When managing your SSL/TLS certificates for websites, email servers or any other services, you need a simple and reliable automation system with a visual overview that's easy to use and support. As your requirements grow more complex you need a powerful solution that scales, with dedicated support when you need it.
Simply install the app on your server, setup the domains you want to manage certificates for and let the Certify The Web software take care of renewing and (optionally) deploying certificates.Note: Features described here apply to v5.0 or higher.
Services which are associated with a domain (websites, mail servers, remote access etc) use DV (Domain Validated) certificates to prove that the service being used is genuine and to encrypt the communication between the end-user and the server itself.
Certificate Automation works by requiring you to regularly prove control of your domains to a Certificate Authority, such as Let's Encrypt, who can then issue you a new certificate for your domain with a short expiry date.
Each certificate may cover multiple domains. You can easily add or remove domains from a certificate and auto-populate the list of domains from existing website bindings (e.g. IIS).
Depending on the Certificate Authority you choose, your certificate can include a single domain, multiple domains (SAN) or domain wildcards (e.g. *.certifytheweb.com) to cover multiple sites or services.
The current most common automated Certificate Authority is Let's Encrypt, a free Certificate Authority (letsencrypt.org). You can also choose from other ACME (Automated Certificate Management Environment) Certificate Authorities, such as BuyPass Go SSL, DigiCert or a custom certificate authority (such as smallstep).
If required, each Managed Certificate can use a different Certificate Authority and you can mix use of Production or Staging (Test) certificates.
Certificate Authorities will require you to prove you control the domain you are requesting a certificate for (Domain Validation). The most common method is an automated Challenge Response via http (presenting a specific file at a url on your domain) or DNS (add a specific TXT record to your domains DNS). This complex process is handled for you automatically by the software.
Certify The Web has support for over 36 different DNS APIs and DNS automation methods (including acme-dns and custom scripting options). Popular DNS providers include Cloudflare, AWS Route53, Azure DNS and GoDaddy.
If you require a wildcard certificate for a domain, most Certificate Authorities require that you validate your domain using the DNS method.
Our built-in dynamic http challenge server means you can automatically serve http challenge responses to the Certificate Authority (via port 80) without requiring http bindings on your website and without interrupting normal traffic to your website.
When port 80 is in use by a non-http.sys based service (such as Apache httpd) you can fallback to serving challenge responses via your web server.
Domain validation methods can be mixed as required within a single certificate order depending on your requirements.
Whether you need simple auto deployment to IIS or advanced deployment to other services/servers or remote certificate stores, Certify The Web has extremely powerful options for sophisticated deployment.
You can let the app auto-renew certificates then automatically deploy them to the services that use the certificates (e.g. IIS websites).
The default Auto Deployment will apply your certificate to applicable IIS websites, or you can use Deployment Tasks to apply the latest certificate to a range of other services.
The Preview tab shows the planned actions to be carried out during the next certificate request or automatic renewal, including:
The software is constantly being improved and refined, so be sure to stay up to date with the latest version. There are many other features and details to be explored, so check out the documentation.
And last but not least, there's Dark Mode. The easy on the eye, and arguably much cooler, alternative to Light mode.
To get started using Certify The Web, download the latest version and try it out.