About getaCert.com
Founded in February 2005 by David McCulloch in Seattle, Washington — providing free SSL certificate tools to developers for over 20 years.
getaCert.com helps developers, IT teams, and businesses generate, sign, and decode SSL/TLS certificates for development, testing, and internal use. Over 300,000 certificates generated and counting.
What We Offer
- Self-Signed Certificates — Generate a complete certificate set (private key, CSR, certificate, PKCS#12) instantly.
- CA-Signed Certificates — Get certificates signed by the getaCert Certificate Authority for testing trust chains.
- CSR Signing — Submit your own CSR and get it signed by our CA.
- Certificate Decoder — Paste any PEM certificate or CSR to view its human-readable details.
- SSL Domain Checker — Inspect any domain's SSL certificate, chain, and TLS configuration.
- Let's Encrypt Proxy — Get free, browser-trusted certificates via Let's Encrypt with DNS or HTTP validation.
- REST API — Generate certificates programmatically with your portal key.
Pricing
| Tier | Price | What You Get |
|---|---|---|
| Free | $0 | Self-signed & CA-signed certs up to 30 days. Certificate decoder. SSL checker. |
| Extended | $4.99 | Certificates up to 1 year validity. |
| Long-term | $9.99 | Certificates up to 10 years validity. |
| Portal Access | $9.99 (one-time) | Unlimited cert generation, saved cert history, REST API access. |
Key Types
We support modern cryptographic algorithms including RSA (2048/4096-bit), ECDSA (P-256, P-384), and Ed25519. Choose the key type that matches your security requirements and compatibility needs.
REST API
Generate certificates programmatically with your portal key. All API endpoints require authentication via your portal access key.
curl -X POST http://getacert.com/api/v1/self-signed \
-H "Content-Type: application/json" \
-H "Authorization: Bearer gac_YOUR_PORTAL_KEY" \
-d '{"cn": "test.example.com", "key_type": "ec256", "days": 365}'The API returns JSON with full PEM certificate content, private key, and CSR:
{
"status": "ok",
"result": {
"name": "test.example.com-2026-03-17-120000",
"files": {
"pem": "-----BEGIN CERTIFICATE-----\n...",
"pkey": "-----BEGIN EC PARAMETERS-----\n...",
"csr": "-----BEGIN CERTIFICATE REQUEST-----\n...",
"cer": "-----BEGIN CERTIFICATE-----\n..."
}
}
}Available endpoints:
| Endpoint | Auth Required | Description |
|---|---|---|
POST /api/v1/self-signed | Yes | Generate a self-signed certificate |
POST /api/v1/ca-signed | Yes | Generate a CA-signed certificate |
POST /api/v1/sign-csr | Yes | Sign a CSR with our CA |
POST /api/v1/decode | No | Decode a PEM certificate or CSR |
Authentication: pass your portal key as Authorization: Bearer gac_xxx, X-API-Key: gac_xxx, or ?api_key=gac_xxx.
Rate limits: 100 certificates per day per portal key. The decode endpoint allows 30 requests per day without authentication.
Important Notes
- Certificates from getaCert.com are for development and testing only. They are not trusted by browsers.
- The default password for private keys and PKCS#12 files is
password. - For production SSL, use a publicly trusted CA like Let's Encrypt.
Support getaCert.com
getaCert.com has been free since 2003 and will stay free. If this tool saves you time, consider buying us a coffee. Your support helps cover hosting costs and keeps the site running.
Contact
Have a question, feature request, or found a bug? We'd love to hear from you.
| contact@getacert.com | |
| Website | getacert.com |