Sometimes there are tasks where you need to urgently issue an SSL certificate for a domain so that the browser accepts it without security warnings. The goals can be different, for example, you don't have time to pay for renewal, or you need a certificate just once to show a project.
You can issue a free SSL certificate for 3 months using the win-acme package. Download and run it on the Windows operating system. This tool allows you to issue an SSL certificate from Let's Encrypt in a matter of minutes.
1. Unpacking the archive
Use 7zip or winrar to unpack.
2. Launching and domain validation
In the unpacked folder where the wacs.exe file is located, create a new folder named ssls.
Launch wacs.exe and follow the instructions:
2.1 Selecting the default parameter
N: Create certificate (default settings)
2.2 Type (domain or CSR)
2: Manual input
2.3 It is necessary to list the domains
Host: www.example.com
If you don't need the www prefix, specify example.com; for all subdomains use *.example.com
If you need to issue a certificate for multiple domains at once, list the domains separated by commas, for example example.com, example.org
2.4 Selecting the validation method
We will confirm domain ownership via a DNS record.
6: [dns-01] Create verification records manually (auto-renew not possible)
2.5 Selecting the web server type
2: PEM encoded files (Apache, nginx, etc.)
2.6 Selecting the folder for the finished SSL certificate
We specify the folder we created in the root of this utility.
File path: ssls
2.7 Password if necessary
1: None
2.8 Additional options
3: No (additional) installation steps
2.9 Add the record
Open the DNS record editor at your domain registrar or hosting control panel and add the record that appears at this stage, which looks like:
[*.example.com] Authorizing...
[*.example.com] Authorizing using dns-01 validation (Manual)
Domain: example.com
Record: _acme-challenge.example.com
Type: TXT
Content: "SKhq4qVNQdlHZHTVY-1oaGQl4JHxwDBCAB_GmlMib7s"
Note: Some DNS managers add quotes automatically. A single set
is needed.
Please press <Enter> after you've created and verified the record
The record should look like this:
After the record has been added, press Enter.
2.10 Validation and record deletion
If everything is successful, the following message will be displayed:
[*.example.com] Preliminary validation succeeded
[*.example.com] Authorization result: valid
Domain: example.com
Record: _acme-challenge.example.com
Type: TXT
Content: "SKhq4qVNQdlHZHTVY-1oaGQl4JHxwDBCAB_GmlMib7s"
Please press <Enter> after you've deleted the record
Now go back to the DNS editor and delete the created TXT record and press Enter.
2.11
Downloading certificate [Manual] *.example.com
Store with PemFiles...
Exporting .pem files to ssls
Open the ssls folder - it contains the issued SSL certificate and the private key. For installation on the server, you will need two files:
_.example.com-chain.pem - certificate with the root chain _.example.com-key.pem - private key file
3 Additionally
3.1 Viewing SSL certificate contents
Use the online tool for viewing SSL certificate contents, including the expiration date.