In the modern digital landscape, securing your website is a top priority for building trust and protecting sensitive information. One of the best ways to do this is by installing an SSL (Secure Sockets Layer) certificate, which encrypts the connection between your website and its users, protecting sensitive information.
But how can you install a free SSL certificate on RunCloud? What are the limitations or restrictions to keep in mind when using a free SSL?
In this blog, we’ll walk you through the process of installing a free SSL on RunCloud and discuss some key restrictions to consider.
How to Install Free SSL on RunCloud
RunCloud provides an easy way to manage SSL certificates on your web applications. Here’s how to install a free SSL certificate using Let’s Encrypt, a popular provider offering free SSL certificates. Follow this step-by-step guide to secure your site in no time.
Step 1: Log into RunCloud
First, log into your RunCloud account and navigate to the Servers section. Select the server hosting the web application you want to secure.
Step 2: Select the Web Application
In your server’s dashboard, click on the Web Applications tab and choose the web application for which you want to install the SSL certificate.
Step 3: Click on the SSL/TLS Button
On the left sidebar, click on SSL/TLS to begin configuring SSL certificates.
When configuring SSL certificates in RunCloud, you’ll encounter two options to secure your domains:
- Basic SSL Certificate: This option applies a single SSL certificate to all domains associated with a specific web application. It’s a simple, hassle-free solution for securing multiple domains under the same certificate.
- Advanced SSL Certificate: With this option, you can manage individual certificates for each domain. This gives you more flexibility and control, allowing you to assign unique SSL certificates to each domain.
In the next step, you’ll be prompted to choose your SSL provider, which will determine how you secure your sites.
When setting up a Let’s Encrypt SSL certificate for your website, you’re faced with several important choices that affect how the certificate is issued and how your site interacts with visitors. Below is a breakdown of the key sections you will encounter during this process.
Authorization Method: What’s Your Preferred Choice?
Let’s Encrypt offers two main ways to authorize your SSL certificate request: http-01 and dns-01. With http-01 authorization, Let’s Encrypt will verify that you control the domain by checking for specific files placed on your web server. Alternatively, dns-01 authorization validates your domain by checking the DNS records for a specific challenge.
Let’s Encrypt Environment: Live or Test?
When generating your SSL certificate, you’ll need to decide whether to use a Live or Test environment. The Live environment will issue a real SSL certificate, signed by Let’s Encrypt, while the Test environment provides a fake certificate for testing purposes. This can be useful for developers or during initial setup, but when you’re ready to secure your website for real traffic, switching to Live is essential.
HTTP to HTTPS Redirection: What’s Your Plan?
Once your certificate is in place, you need to ensure that your visitors are connecting securely. RunCloud gives you three options here:
- No Redirection: Visitors can connect via insecure channel
- Server-side HTTPS Redirection: All HTTP traffic will be automatically redirected to HTTPS.
- The “HSTS & Server-Side Redirection” section enables HTTP Strict Transport Security (HSTS) and enforces server-side redirection. HSTS instructs the browser to always connect using HTTPS, even if the user attempts to access the site via HTTP. This strengthens security by safeguarding against downgrade attacks and ensuring all communication is encrypted.
Limitations and Restrictions of Free SSL Certificates
While Let’s Encrypt provides excellent, free SSL certificates, there are some restrictions to be aware of:
Expiration: Free SSL certificates are valid for 90 days. You’ll need to renew them regularly, but this can often be automated.
Rate Limits: There are limits on how many certificates you can issue per domain in a given period, which could be restrictive for large websites with frequent changes.

