News


June 2020

Certify The Web v5 released

Certify The Web v5 is now available for download This a major update which has been under development for over a year. See the release notes: Release Notes

New Features:

Deployment Tasks are a powerful new feature found under the Deployment tab, enabling you to easily publish your certificates in new ways with minimal scripting:

Over 38 DNS API providers and automated DNS update method now available, for DNS domain validation.

Multiple Certificate Authorities You can now add multiple accounts for different certificate authorites (production or staging) and individual managed certificates can use their choice of account.

BuyPass Go SSL You can now choose BuyPass Go as a built-in Certificate Authority. This gives you access to free certificates with a 180-day expiry (domain restrictions apply).

Dark Mode Because dark modes are cool.


May 2020

Important: Users of old versions of the app (prior to v4) should upgrade immediately. Let's Encrypt are retiring the ACME V1 API in June 2020.

v5.x beta testing: join the beta testing for v5 to give feedback on new features and help us iron out any new bugs!


March 2020

Some users have been affected by the recent Let's Encrypt CAA bug which resulted in come certificates being revoked (depending on when they were last renewed/requested). Users who have received this email and are seeking a solution should refer to this community post: https://community.certifytheweb.com/t/faq-action-required-lets-encrypt-revoked-certificates/759/2


February 2020

Certify The Web v5 will begin beta testing shortly. Meanwhile, many users have been upgrading from older versions of the app because they have received emails from Let's Encrypt telling them about the move from ACME V1 to ACME V2, or they received a message about Multiple Domain Validation Requests and failed validations. Users already on v4.x are already using ACME v2 and don't need to update unless they are having trouble with renewals. We have released an update (v4.1.7) which extends the default DNS propagation delays and adds the option for custom propagation delays to all DNS API Providers.

If you are using Windows Server 2008 R2 SP1 (64-bit) or higher you can upgrade to v4. Users who cannot run .net 4.6.2 or higher need to either upgrade their server to a newer OS or seek alternative tools for use with Let's Encrypt. If your operating system is no longer supported by Microsoft we can't support it either.

If you have been holding off upgrading because you don't know if the app will keep your settings, don't worry: backup your C:\ProgramData\Certify folder then update the app as normal. If you have the old 32-bit version of the app installed you will need to uninstall that, however your settings will not be removed and will be upgraded with the new version.


August 2019

Upgrade Time!

Let's Encrypt will shortly be disabling v1 of their API as used by Certify The Web version 3.x and lower. If you are still using an older version of the app please plan your upgrade to the latest version now. Note that for 32-bit users there is no upgrade path and you will have to move to a 64-bit server to continue using the app.

We estimate this affects about 30% of users, so start upgrading now!

New Deployment Features Coming Soon

In the upcoming update we plan to add some great new features for people who need to use their certificates with non-IIS servers (such as Apache, nginx etc).

We will have built in support for exporting the correct formats and copy to either local or remote locations.

Users interested in beta testing early versions should check out the github issue tracking these features.


January 2019

Certify The Web v4.1 released

If you are still using an older version of the app please considering checking out the latest version and testing it with your configuration. If you are still on the 3.x version you may be missing out on important bug fixes or great new features, so check it out!

Please note that Let's Encrypt are not fully retiring the tls-sni-01 challenge and the latest versions of Certify will auto fallback to the http-01 challenge instead if you still have the old challenge type selected.

Users who are currently relying on Manual DNS updates in order to request Wildcard certificates are encouraged to check out the new ACME DNS support which is a one-time creation of a CNAME in your DNS zone (per domain) which you point to a server managed TXT record, removing the need to make updates to your DNS zone, so give it a try.


July 2018

Certify The Web v4.0 released

We started development of our new app version 6 months ago, including 4 months of user testing through Alpha and Beta stages. Now, we are proud to release v4 of Certify The Web.

New in version 4.0:

Manual downloads are available now from https://certifytheweb.com, if you have an older version of the app already installed it will start to offer to update itself in about 1 week.


April 2018

v4 Pre-release evaluation and testing has begun

If you are interested in testing the pre-release version of v4 you can check out this github issue for more info: v4 Testing

This new version will include:

New community forum

If you're interested in helping other get the most out of using Certify The Web, or want to ask how other people use it, check out our new community discussion forum: https://community.certifytheweb.com note: this does not use your certifytheweb.com dashboard account details, instead it has it's own set of usernames etc.


January 2018

The tls-sni-01 challenge type is no longer available

Let's Encrypt have disabled support for the tls-sni-01 challenge type. You can read more on their forum.

If you are currently using the tls-sni-01 challenge type in Certify SSL Manager you will receive the following error on your next renewal attempt: Request failed - no challenge found matching requested type. You will need to switch to using the http-01 challenge type (via port 80). We are starting work on support for DNS validation (see below) as an alternative.

Wildcard Domain Support and Let's Encrypt V2 API

Let's Encrypt have announced they will make wildcard domain support available from the end of February 2018 onwards. Work to enable this feature in Certify SSL Manager has begun (targeting March 2018) and requires the following new features and changes:

Let's Encrypt API V2 support

We will need to make changes to support the V2 Let's Encrypt API. We currently used the ACMESharp library to talk to Let's Encrypt (v1) and we are looking at options including the Certes library and extending ACMESharp.

DNS Challenges

Wildcard domain validation is only supported by Let's Encrypt via DNS validation. For that to work we need to offer a manual or automated DNS validation step, so that the required DNS TXT records can be created on your domain(s) as required. Currently each DNS provider either has their own API or no API at all. This is likely to improve over the next few years (because of pressure from customers using Let's Encrypt etc) but currently we're looking at the most efficient way to enable this.

UI changes

We are looking at how best to support wildcard certificates. In general there will be a central renewal of the wildcard certificate and then the option to apply that to one or more other sites. We're currently evaluating how much of that should be automated and how much should be left to the user to specify.


November 2017

Certify SSL Manager v3.x is out now including:

New background service

A new background service has been implemented for certificate request & renewal management, with realtime UI updates. This replaces the old scheduled task method.

Reporting dashboard

A new central reporting web dashboard is available to all users. Just register each instance with the dashboard and your installation will start sending in status reports. We will be expanding/refining this feature based on feedback.

Bulk import from CSV

It is now possible to import your list of sites to manage using a CSV file. This is an experimental feature and feedback is appreciated. More information can be found here: Bulk Import of Managed Sites