Managing SSL/TLS certificates for Windows servers has traditionally been a time-consuming, error-prone process. Certify The Web changes that equation entirely — offering automated certificate management powered by Let’s Encrypt and other ACME Certificate Authorities, trusted by over 100,000 organizations worldwide. Whether you’re running IIS on a single server or managing certificates across a sprawling enterprise infrastructure, this platform gives you the tools to automate, monitor, and scale your HTTPS operations with minimal friction.
What Is Certify Certificate Manager?
Certify Certificate Manager is the flagship desktop application in the Certify The Web product suite. Designed specifically for Windows environments, it handles the full lifecycle of free SSL/TLS certificates from Let’s Encrypt and compatible ACME certificate authorities — from initial issuance to automated renewal — with a clean graphical interface that makes HTTPS setup accessible to administrators at any experience level.
The current stable release is Version 6.1.11, available for direct download or via PowerShell and Chocolatey (choco install certifytheweb). A Release Candidate 7.0.20 is also available for those who want early access to the latest features before they reach general availability.
The free Community Edition is well-suited for evaluation or individual use, supporting up to 5 certificates per server with community forum support. Organizations managing larger certificate inventories or requiring dedicated email helpdesk support can purchase a license key. Notably, funded organizations are required to move to a licensed version once their evaluation period is complete.
Certify Management Hub: Centralized Control at Scale
For enterprises managing certificates across multiple servers or geographic locations, Certify Management Hub represents the next evolution in the product lineup. Currently in beta release, this cross-platform web interface brings all the core functionality of Certify Certificate Manager into a centralized, multi-server management console.
Key capabilities of the Management Hub include:
- Full compatibility with all core Certify Certificate Manager features
- Deployment on Linux, macOS, or Windows — giving teams flexibility in where they host the management layer
- Centralized oversight of thousands of certificates across hundreds of Certificate Manager instances from a single interface
- Multi-user, role-based access control supporting both individual administrator accounts and application/service security principals with scoped API access
- Flexible certificate distribution via installed agents, deployment tasks, or a pull-based API for custom integrations
- Centralized DNS challenge handling, so sensitive DNS credentials don’t need to be distributed across individual ACME clients
- Integrated renewal monitoring for third-party ACME clients including Certbot, acme.sh, win-acme/simple-acme, and Posh-ACME
The centralized DNS challenge feature deserves particular attention for security-conscious teams. Rather than storing privileged DNS provider credentials on every server that needs a wildcard or DNS-validated certificate, the Hub lets you manage those credentials in one place — significantly reducing your attack surface.
Full documentation for the Management Hub beta is available at the official docs site, where you can find setup guides, configuration references, and integration examples.
Certify DNS: Simplified DNS Challenge Delegation
DNS-based ACME challenges are essential for issuing wildcard certificates and validating domains where HTTP challenges aren’t practical. However, running your own acme-dns server just to handle challenge delegation is a significant operational burden for most teams.
Certify DNS solves this by providing a cloud-hosted implementation of the acme-dns protocol, handling CNAME delegation of ACME challenge TXT records to a dedicated challenge response service — without requiring you to self-host any infrastructure. Because it adheres to the acme-dns protocol, it’s compatible with most existing acme-dns clients and can be used alongside other ACME clients on any operating system, not just Windows.
Getting started is straightforward: create an account (or sign in if you already have one), then activate Certify DNS through the License Keys section of your account dashboard.
Certify Dashboard: Renewal Monitoring Across Your Entire Fleet
Visibility into certificate renewal status is critical for avoiding unexpected HTTPS outages. The Certify Dashboard — currently in beta — provides a managed monitoring solution that tracks renewal status across multiple servers and ACME clients from a single view.
Example Certify Dashboard showing certificate renewal monitoring across multiple servers and ACME clients
The dashboard currently supports licensed Certify Certificate Manager customers, with a free tier for other ACME clients under consideration based on community interest. Organizations using Certbot, acme.sh, or other ACME clients who want to evaluate the dashboard can register their interest via email or through the dedicated community discussion thread.
Upcoming features on the dashboard roadmap include:
- Team access for collaborative monitoring and certificate review across your organization
- Direct error notifications delivered to recipients of your choice when renewals fail
- Status query API for programmatic access to renewal information and custom data submission
- Webhook integration compatible with any ACME client that supports renewal status hooks
Choosing the Right Product for Your Needs
The Certify The Web ecosystem covers a spectrum of use cases. For a single Windows server running IIS, Certify Certificate Manager’s Community Edition gets you automated HTTPS with no cost and minimal setup. As your infrastructure grows — more servers, more certificates, stricter compliance requirements — the Management Hub’s centralized control and the Dashboard’s fleet-wide visibility become increasingly valuable.
Certify DNS rounds out the picture for teams that need DNS validation without the overhead of managing their own acme-dns infrastructure, and its protocol compatibility means it can serve as a drop-in enhancement for existing ACME workflows regardless of which client you’re using.
For large-scale deployments or environments with specific enterprise requirements, exploring the Management Hub documentation and reaching out to the support team is the recommended starting point. The platform’s active community forum is also a strong resource for configuration guidance, troubleshooting, and staying current with new feature releases.
References:
- Certify The Web official website: https://certifytheweb.com
- Certify Management Hub documentation: https://docs.certifytheweb.com/docs/hub
- Certify DNS documentation: https://docs.certifytheweb.com/docs/dns/providers/certifydns
- Community forum: https://community.certifytheweb.com
- Dashboard monitoring discussion: https://community.certifytheweb.com/t/renewal-monitoring-dashboard-for-certbot-acme-sh-etc/2478
- GitHub repository: https://github.com/webprofusion/certify