Anchor Relay
Fast, free browser-trusted HTTPS certificates via ACME relay
What it does
Anchor Relay is a service that simplifies obtaining Let's Encrypt certificates by acting as an ACME API frontend with DNS delegation for challenge records. It eliminates the need to expose port 80 or forward HTTP—all certificate validation happens outbound. The service currently provides free, automated 90-day certificates trusted by all browsers, with plans to add Google Trust Services and short-lived certificates. It works out of the box with tools like Certbot, Caddy, and cert-manager.
Who it is for
Anchor Relay is designed for developers and operators running services in homelab, self-hosted, or untrusted environments like IoT, as well as behind firewalls and internal networks. It is ideal for those who want to avoid exposing infrastructure or managing DNS API credentials across multiple systems.
Why it matters
Traditional certificate issuance often requires opening port 80 or managing complex DNS integrations. Anchor Relay reduces attack surface by requiring only outbound connections and a one-time DNS configuration. This makes HTTPS adoption simpler and more secure for edge cases where standard ACME challenges are impractical.
Launch signal
Anchor Relay was announced on Hacker News as a Show HN project. The service is currently in beta and offered as a free public service. The founder, known as "geemus," is also the creator of the CarrierWave gem, adding credibility to the project.
Brand and naming
The name "Anchor Relay" suggests a trusted, stable relay point for certificate issuance. The branding uses a clean anchor icon and dark theme, positioning the service as a secure and reliable intermediary. The tagline "Fast & free browser trusted HTTPS certificates" clearly communicates the core value proposition.
Founder
geemus
Related
Get more like this in our weekly newsletter.