This webpage client is only used in scenarios where you want to manually apply for a certificate.
- The source code of the client side of this webpage has been open sourced, and the access URL is provided by the hosting warehouse, and the source code is transparent and traceable.
- This client is only a single static HTML web page file, without any dependencies, it can be directly saved to your local use.
- Compared with binary programs and class libraries that are difficult to analyze, html code and network request data are easier to review and more secure and reliable.
- Compared with command line scripts, web pages have an easy-to-use UI interface and are easier to use.
- Except for the ACME interface address of the certificate authority you specify, this webpage client will not send data to any other address, and it is easy to check the network data through the browser console.
- This webpage client does not depend on the operating system environment, no need to download and install software, no need to register, no need to log in.
Online use URL: https://xiangyuecn.github.io/ACME-HTML-Web-Browser-Client/ACME-HTML-Web-Browser-Client.html
Support to apply for
ECC/ECDSA certificates from certificate authorities that support the ACME protocol, such as
Let's Encrypt and
ZeroSSL, and support multiple domain names and wildcards.
Because it is a single HTML file, it does not depend on any other files, and does not send any non-ACME interface requests. The key pair generation and CSR generation are implemented by pure js code. The webpage is hosted on GitHub, and the webpage code is very easy to read and review, so this The client is very secure (more secure than common binaries and command line scripts).
If you don't need automatic renewal and just want to apply for a certificate, using the webpage version of the client should be the best choice.
It may be because of manual operation and the fact that automatic renewal is not supported. The ACME client list on the official website does not provide a browser version of the client. As a result, users who only want to obtain certificates and do not need automation functions must carefully use those clients that are not easy to use.
I have been applying for a certificate through the
diafygi/gethttpsforfree webpage before, but the operation was too complicated, and I couldn't find a better web client from the official website, so I wrote my own code and made one, welcome to use🎉.
Certificate Expiration Risk Alert: Since this web client can only be operated manually and does not support automatic renewal, you should pay attention to apply for a new certificate before the certificate expires (free certificates are generally valid for 90 days, you only need to repeat the operation at that time), or use acme.sh and other client automatic renewal.