SSL/TLS Certificates

Table of Contents


TLS (Transport Layer Security) and its predecessor, SSL (Secure Sockets Layer), are security protocols designed to secure the communication between a server and a client, for example, a web server and a browser. Both protocols are frequently referred to as SSL.

A TLS/SSL certificate (simply called SSL certificate) is required to enable SSL/TLS on your site and serve your website using the secure HTTPS protocol.

We offer different types of domain-validated SSL certificates signed by globally recognized certificate authorities.

Getting started with SSL certificates

Are you buying an SSL certificate for the first time? We assembled a getting started with SSL Certificates article to guide you through the entire process.

SSL certificate products

There are several types of SSL Certificates. They’re generally classified by validation type or secured domains. If you aren’t familiar with the differences, take a look at the SSL certificate types article.

DNSimple provides the following certificate products:

  1. Standard Single-name SSL certificate
  2. Standard Wildcard SSL certificate
  3. Let’s Encrypt SSL certificate
  4. Let’s Encrypt Wildcard SSL certificate

All SSL certificates are issued by globally recognized certificate authorities.

All certificates are domain-validated. We don’t provide organization-validated (OV) or extended-validation (EV) SSL certificates.

Standard Single-name SSL certificates

The single-name certificate is a single-name, domain-validated certificate. It covers one host and the root domain in case of the www hostname.

The certificate is issued by Sectigo and it costs $20 per year. The product name is Sectigo PositiveSSL certificate.

Standard Wildcard SSL certificates

The wildcard certificate is a wildcard-name, domain-validated certificate. It covers all single-level subdomains, as well as the root domain.

The certificate is issued by Sectigo and it costs $100 per year. The product name is Sectigo PositiveSSL Wildcard certificate.

Let’s Encrypt SAN SSL certificates

The Let’s Encrypt certificate is a multi-name (SAN), domain-validated certificate. It covers all the host names specified in the certificate.

The certificate is issued by Let’s Encrypt, and it’s free. However, certain characteristics or requirements of this certificate may make this product unsuitable for you. Learn more

The ability to customize the names associated with a Let’s Encrypt certificate depends on the plan you’re subscribed to. Please check the plans and pricing page to view all your options.

Let’s Encrypt Wildcard SSL certificates

The Let’s Encrypt wildcard certificate is a wildcard-name, domain-validated certificate. It covers all single-level subdomains of a domain name. It does not cover the root domain.

The certificate is issued by Let’s Encrypt, and it’s free. However, certain characteristics or requirements of this certificate may make this product unsuitable for you. Learn more

Let’s Encrypt wildcard certificates are only available on certain plans. Please check the plans and pricing page to view all your options.

What’s a “Standard” Certificate Authority?

You may have noticed we use the term standard in our documentation when referring to some specific product types. Let’s Encrypt has represented a big shift in the certificate authority field in terms of offering, pricing, and automation. Traditionally, certificate authorities have offered yearly certificates. They charged an issuance fee, and the domain validation was generally performed manually via email.

With the term Standard, we refer to traditional certificate authorities. We expect the difference between traditional authorities and Let’s Encrypt to be reduced in the future. For example, some authorities are already working to expose a more automated validation flow.

There’s nothing negative about being a “Standard” authority, nor about buying a “Standard” certificate. It’s just a term we use at DNSimple to simplify the workflow.

Manage SSL certificates

You can purchase and manage SSL certificates from your domain page. Go to the domain page and scroll down until you find the SSL certificate section.

SSL Certificate section

If the domain is not in your DNSimple account because you just joined DNSimple or because it is registered elsewhere, it’s not a problem - just add the domain to your account and follow the same procedure.

To go to the SSL certificate section
  1. Log into DNSimple with your user credentials.
  2. If you have more than one account, select the relevant one.
  3. On the header click the tab, locate the relevant domain and click on the name to access the domain page.
  4. Scroll down the page until you see the section.

From the certificate section you can purchase an new SSL certificate, renew an existing SSL certificate or view and install the SSL certificate.

SSL certificate Frequently Asked Questions

The SSL Certificate frequently asked questions page contains the most common questions about DNSimple SSL certificates.