How to create the CNAME records for free SSL¶
To get a free SSL certificate from InfinityFree, you need to setup some CNAME records on your domain name. This article describes how to do that.
Setup your domain name¶
Before you can start, you first need to have working nameservers for your domain name. The easiest way to do this is to point your domain name to the InfinityFree nameservers, and add the domain name to your hosting account. You can add the domain to your account as an Addon Domain or Parked Domain, or by creating a new hosting account.
If you are using InfinityFree nameservers, please make sure you are using
ns2.epizy.com, not any
byet.org nameservers. The
byet.org nameservers have known issues which can cause random errors later on.
Which values do I need to add?¶
In the client area, go to the SSL Certificates section, and click the domain name you would like to add. If you don't see your domain name in the list yet, you can also add the domain from this page.
On the SSL Certificates page, you'll see two CNAME records: one for _acme-challenge.example.com and one for _acme-challenge.www.example.com, each with their own Destination. You should keep this browser tab open, because you'll need those Destination values.
Where can I configure my CNAME records?¶
You can edit the CNAME Records of your domain name through the equally called section in the control panel.
Navigate to your hosting account in the client area, and click the Control Panel to login. In the control panel, find the section called "CNAME Records" and open it.
If you're using third party nameservers, like Cloudflare, you need to add the DNS records through the interface of your nameserver provider. Please check with your DNS provider to learn how to do this.
Custom CNAME records don't work with the control panel Cloudflare integration. The Cloudflare integration breaks custom DNS records, so you can't complete the verification while using it. You will need to disable the Cloudflare integration, and either use Cloudflare's nameservers, or not use Cloudflare at all.
Which CNAME records do I need to add?¶
In the CNAME Records section, you will need to create the two CNAME records as shown in the client area.
Simply copy the bold fragment from the client area page (either
_acme-challenge.www) and paste it in the Record Name field. Copy the corresponding Destination from the client area, and paste it in the Destination field.
You will need to do this for both CNAME records as shown in the client area.
If there are already CNAME records present with the same Record Name, you will need to delete those records first before you can add the new records.
I have added the CNAME records, what's next?¶
If you're confident that you've setup your CNAME records correctly, you can go back to the client area, and click "Refresh DNS Status" to update the DNS status of your domain.
If both CNAME records show up as Verified, you can get your SSL certificate. Simply click the "Request SSL Certificate" button to create it.
I have added the CNAME records correctly, but I still get errors when refreshing the DNS status¶
Note that the DNS check might fail at the first try. This can happen because it takes a while for new DNS records (including CNAME records) to take effect. This is completely normal. Simply try it again later, and your DNS records will be affected.
If the CNAME records are still not being picked up after 24 hours, it's likely something was not configured correctly. You can try to troubleshoot for help, or ask someone else to look into it on the Community Forum.
I have my SSL certificate, should I delete the CNAME records?¶
If you want to, you can delete the CNAME records after your SSL certificate has been issued. Your SSL certificate will continue to work if your delete the CNAME records.
However, if you plan to renew the SSL certificate later on, it's recommended to keep the CNAME records. This way, your domain name will stay verified. So the next time you want to get an SSL certificate, you don't need to setup any DNS records again, and can get an SSL certificate right away.