Google has launched a program to provide free SSL certificates via ACME API similar to Letsencrypt. These certificates are said to be compatible with old OS and browsers. Moreover, they can issue certificates for any zone, including .RU, because of the trusted root certificate from Globalsign. However, getting these certificates is not an easy task. To make an ACME client work, one needs to specify EAB_KEY_ID and EAB_HMAC_KEY which are not clearly explained. Although there are commands written for receiving via google-cloud-cli, getting access still requires filling out a form. Despite this, it seems Public Certificate Authority API can be accessed even without the form. It remains unclear how anyone can get a certificate from Google.

It's interesting to see how companies like Google are actively supporting the use of SSL certificates and promoting secure internet practices. However, it's important to make the process of obtaining these certificates simpler for non-technical users to encourage wider adoption.

Google seems to be running very slowly, which is a problem due to the high volume of traffic that needs to be analyzed. The keys to everything will be revealed all at once.

It's important to ensure that important services like Google operate efficiently to avoid problems and ensure smooth functioning. Additionally, it's crucial to prioritize security measures when it comes to handling sensitive information through online platforms.

Quote from: Guess jr. on Oct 06, 2022, 11:54 AMthese certificates do not have any problems with old OS and browsers (in contrast to Letsencrypt)

Are you one of those who still make maybe CSS for IE6 ? LE has no problems with old operating systems and browsers, because it is not supported by old, but dead operating systems and browser versions.

When choosing between certificates that work everywhere and those that don't, it's better to opt for the former. This is because not everyone knows how to upgrade their OS and some older devices can't support certain certificates. For instance, even the latest version of Chrome cannot access Letsencrypt sites. Moreover, some appliances like fridges and irons accessing site scripts make updates a difficult task.

Overall, Google's certificates could be a good alternative to ZeroSSL for .RU domains. However, the process of obtaining EAB_KEY_ID and EAB_HMAC_KEY needs to be clarified.

It's important to consider compatibility issues when choosing SSL certificates to ensure that website visitors can access the site from any device or OS. Additionally, simplifying the process of obtaining certificates can encourage more websites to adopt secure practices.

By the way, in addition to Google, Yandex also offers certificates, only from LE, also did not figure out how to get (there is no time yet) https://console.cloud.yandex.ru/cloud
Maybe, who can drop a clear description, how to do it?

Numerous "alternatives" to LetsEncrypt operate as mere trial baits, with the aim of luring potential customers into the need for an OV/EV certificate or a wildcard.
In other cases, partners with a large number of certificates are offered an inexpensive, yet paid tariff. Cloudflare is a prime example of this.
 
It is common for companies to offer free trials or low-cost options as a way to attract customers. However, it is important to carefully evaluate the terms and conditions before committing to any service. It is also worth considering the long-term costs and benefits of investing in a particular certificate provider.

Google offers a free SSL certificate service called Managed SSL Certificates, which is available for use with Google Cloud services. These certificates can be used to secure websites and applications, allowing for encrypted communication between clients and servers.

Managed SSL Certificates simplify the process of obtaining and managing SSL certificates. They are automatically provisioned, renewed, and managed by Google, removing the need for manual configuration and maintenance. This ensures that websites and applications can benefit from HTTPS encryption without the hassle of certificate management.

To use Managed SSL Certificates, you need to have a web service hosted on Google Cloud Platform (GCP), such as Google App Engine, Google Kubernetes Engine, or Google Compute Engine. You can enable SSL for your service with just a few clicks in the GCP Console or by using the Google Cloud SDK.

It's important to note that Managed SSL Certificates are primarily designed for use with Google Cloud services and may not be directly applicable to other hosting environments.

Additionally, it's worth mentioning that while Google provides free SSL certificates for its own services, such as Google Cloud Load Balancer, it's always a good practice to carefully review and consider the terms and limitations associated with any certificate offering to ensure it meets your specific requirements.

While Google's program to provide free SSL certificates via the ACME API is a step in the right direction, it seems that there are some complexities with the current implementation, specifically regarding the EAB_KEY_ID and EAB_HMAC_KEY parameters. It would be beneficial for Google to provide clearer documentation and guidance to make the process more accessible to users.