SSL Certificate Authorities Used by DNSimple
Table of Contents
DNSimple provides SSL certificates signed by two globally recognized certificate authorities: Sectigo and Let’s Encrypt.
Sectigo
Sectigo (formerly Comodo) is a commercial certificate authority. DNSimple uses Sectigo to issue the following products:
- Sectigo PositiveSSL - Single-name certificate, $20/year
- Sectigo PositiveSSL Wildcard - Wildcard certificate, $100/year
Sectigo certificates use email-based domain validation. Starting March 15, 2026, Sectigo certificates are valid for a maximum of 200 days due to CA/Browser Forum requirements.
Sectigo root certificates are trusted by all major browsers, operating systems, and mobile devices. See the Sectigo compatibility page for root and intermediate certificate details.
Let’s Encrypt
Let’s Encrypt is a free, automated, open certificate authority operated by the Internet Security Research Group (ISRG). DNSimple uses Let’s Encrypt to issue the following products:
- Let’s Encrypt SAN - Multi-name certificate covering up to 100 hostnames, free
- Let’s Encrypt Wildcard - Wildcard certificate, free
Let’s Encrypt certificates are validated automatically using DNS challenges and are valid for 90 days. DNSimple supports auto-renewal for Let’s Encrypt certificates. Your domain must resolve with DNSimple.
Let’s Encrypt root certificates are trusted by all major browsers and operating systems. See the Let’s Encrypt chain of trust for root and intermediate certificate details.
Identifying Your Certificate Authority
You can determine which CA signed your certificate by inspecting the certificate details in your browser or by checking the certificate page in your DNSimple account.
Learn more: How Do I Determine the Certificate Authority That Signed My SSL Certificate?
Have More Questions?
If you have any questions about certificate authorities, contact support, and we’ll be happy to help.