A Step-by-Step Guide to Configuring Let's Encrypt Free & Easy SSL Certificates on a Mikrotik Router.


Setting up a secure connection for your Mikrotik router is essential for protecting your data. Let’s Encrypt provides free and easy TLS certificates that can be easily configured on a Mikrotik router. This guide will walk you through the steps to configure Let’s Encrypt TLS certificates on a Mikrotik router, ensuring that your data is safe and secure.


The following is an overview of the steps outlined in this tutorial:
1) What is Let’s Encrypt & Why is it important for your network security
2) Download Winbox and connect to your Mikrotik Router
3) Configure A Let’s Encrypt SSL Certificate
4) What Are the Benefits of Using Let’s Encrypt TLS Certificates? 
5) Conclusion.


The following is a list of items that you may need to complete this tutorial:
1) A Mikrotik Router running the latest version of RouterOS
2) A public static IP address and the DDNS feature enabled
3) The WinBox utility or an SSH client such as Putty or the macOS Terminal app.

1. What is Let's Encrypt & Why is it Important for Your Network Security?

Let’s Encrypt is a free, automated, and open Certificate Authority that provides digital certificates for Transport Layer Security (TLS) encryption. It is an important tool for securing your network, as it allows you to encrypt all your web traffic and communications with other networks. This ensures that all data sent between networks is kept secure and private, protecting your network from potential cyber-attacks. By using Let’s Encrypt on your Mikrotik Router, you can also benefit from the improved security it provides and ensure secure communications on your private / public networks.

2. Download Winbox and connect to your Mikrotik Router

The first step that you need to take to complete this setup is to download the Winbox utility. If you already have Winbox on your computer you can skip this step. Go to and click the Software tab. Click Winbox and click WinBox 64-Bit or WinBox 32-Bit to start the download process. If you are using a MacBook, download the Wine compatibility layer app and use it to run WinBox.

3. Configure A Let’s Encrypt SSL Certificate

The first step in setting up a Let’s Encrypt certificate is to tempotarily permit connection on port 80 to your router. This is because Let’s Encrypt used HTTP port 80 for certificate issuance and renewals. In WinBox, click New Terminal and run the following commands:

Assuming that you do not have a fully qualified domain name pointing to the public IP address of your Mikrotik router, you need to enable the Mikrotik DDNS feature. Click IP > Cloud and click the DDNS Enabled checkbox. Click Apply to save changes.

Return back to the Mikrotik Terminal and run the following commands to request for a Let’s Encrypt certificate.

When the SSL certificate request process is complete, it is important to disable the firewall rule that you added to open HTTP port 80. Run the following command

The typical certificate expiry time is 90 days and RouterOS can renew the certificate automatically as long as if Let’s Encrypt can reach the RouterOS built-in web server. Click IP > Firewall and click the Address List tab. Click add and set Name to Let’s Encrypt, set Address to Click Apply to Save changes.

Click Add again and set Name to Let’s Encrypt. Set Address to and click Save. Click Add and set Nable to Let’s Encrypt. Set Address to letsencrypt.orge and click Save.

Click the Filter Rules tab and edit the rule created for opening HTTP port 80. Set the Src Address List parameter to use the dynamic Let’s Encrypt IP address list and click Save.  Enable the HTTP port 80 rule so that future SSL certificate renewals will be successfull. 

If you would like to force an SSL certificate renewall run the following commands:

What Are the Benefits of Using Let’s Encrypt SSL Certificates?

Let’s Encrypt TLS Certificates are an increasingly popular way to secure transmissions on a device such as a Mikrotik Router. With a Let’s Encrypt certificate, Router owners can rest assured that their data is safe from hackers and other malicious actors. You can also provision secure public VPN connections using the Let’s Encrypt SSL certificate. Let’s Encrypt TLS Certificates provide users with a range of benefits, such as improved security, higher router performance, and cost savings. With the help of these certificates, Router owners can protect their data and ensure that it remains private and secure. Finally, these certificates are free to use which makes them an attractive option for those looking for cost-effective solutions for website security.


In this tutorial, you have learned how to configure and manage Let’s Encrypt SSL certificates on your Microtik Router. We encourage you to always use Let’s Encrypt to protect your connections and safeguard your data in transit. We hope that this tutorial has been informative and would like to thank you for reading it.