A Guide to Setting Up Let’s Encrypt SSL on Shared Hosting

In recent years, there’s been a strong push by Google and others to make the web more secure by encouraging the use of TLS/SSL (transport layer security/secure sockets layer) on every website.

padlock image

Google has added extra encouragement for using HTTPS by giving a ranking boost to sites, and, like other browser makers, is gradually turning up the heat in Chrome by introducing increasingly alarming alerts on sites without encryption.

Until recently, SSL certificates were quite costly. Let’s Encrypt changed that by offering free certificates.

There are lots of online tutorials showing how to install Let’s Encrypt certificates, but they tend to require quite a bit of technical expertise (knowledge of how to operate a Linux web server and manage root access) and rarely guide you on how to install it through a common shared hosting control panel. If your cPanel or other control panel instance doesn’t provide a feature like One Click Install for Let’s Encrypt SSL (and many don’t), then you may feel there’s no option but to fork out money for a certificate through your web hosting provider.

However, in this article I’ll show you how to install a Let’s Encrypt SSL certificate on your shared web hosting server using the services from SSL For Free. SSL For Free allows you to install a Let’s Encrypt SSL certificate without having to have root access and a VPS, but just a regular shared web hosting server.

Installing Let’s Encrypt SSL Using SSL For Free

Step 1: Head over to the SSL For Free website.

Step 2: In the enter your website to secure input box, type your website domain address (for example: yourdomain.com).

SSL for Free

Step 3: SSL For Free will provide SSL certificates for yourdomain.com and www.yourdomain.com automatically.

Step 4: If you want to add another subdomain (for example: sub.yourdomain.com), click the Add / Edit Domains link, and you’ll be returned to the domain address input page.

Step 5: Add the subdomain you desire in the input box.

Verify your domain and/or subdomain by SSL For Free

There are three ways to verify your domain by SSL For Free (you can choose any one of them).

  1. The first is via Automatic FTP Verification. Here, you’ll be asked for data about your web hosting FTP account.
  2. The second is through Manual Verification. You’ll be prompted to download two files from SSL For Free, which you’ll later upload to your web hosting server.
  3. The third is through Manual Verification (DNS). This way, you’ll be prompted to create a new TXT record through your web hosting control panel.

Let’s take a look at each of the verification steps.

Method 1. Automatic FTP Verification

Step 1: Click the Automatic FTP Verification button.

Automatic FTP verification

Step 2: Below this, you’ll be prompted to input data from your web hosting FTP account. Input the data completely:

Entering FTP data

If you feel uncomfortable with this way (giving your FTP account access data), then you can choose the second way (which I highly recommend) below.

Method 2. Manual Verification

Step 1: You’ll be prompted to download two files generated by SSL For Free, which you’ll then upload to your web hosting server. Click Manual Verification. (Note: don’t close this tab/page!)

Step 2: Below, you’ll be prompted to download two files generated by SSL For Free. Download both files, saving them on your local computer.

Step 3: In accordance with the instructions of this SSL For Free page, create a new folder/directory called .well-known. (If you’re in a Windows environment, name it .well-known. — that is, with an extra dot at the end.) Inside that directory, create a new directory called acme-challenge. Copy-paste the two downloaded files into the acme-challenge directory.

Step 4: Now upload both files to your web hosting server using your preferred FTP application (such as FileZilla).

Step 5: Upload the .well-known directory from your local computer to the root directory of your web hosting server (its directory, not the contents in it).

Uploading the folder via FTP

Step 6: Now open a new tab/page in your browser and enter your domain URL, along with the location of the two files. Make sure you see the random numbers and letters:

The file paths

Step 7: Go back to the SSL For Free tab/page (page at Step 1) and click Download SSL Certificate. Make sure you don’t get a reply like this:

Error message to avoid

Step 8: If you get an error reply, please repeat Step 1 above, until SSL For Free loads the Loading SSL Certificate Account page. It will then proceed to the Generating SSL Certificate Securely page:

Generating and SSL certificate

Method 3. Manual Verification (DNS)

In this last verification method option, you’ll be prompted to create a new TXT record in your web hosting control panel.

Here’s what the steps look like in cPanel:

Step 1: Click the Manual Verification (DNS) button on the SSL For Free site.

Step 2: You’ll then be prompted to create a new TXT record according to the data on that page:

Setting up TXT records

Step 3: Open a new tab/page in your browser and log in to CPanel on your server. Go to Zone Editor, and add a record with the following data:

  • Type: TXT
  • Name: _acme-challenge.yourdomain.com.
  • TTL: 14400
  • TXT Data: [corresponding to the first TXT Record data in Step 2]

Click Add Record:

Clicking the Add Record button

Step 4: Then add the second new TXT record with the following data:

  • Type: TXT
  • Name: _acme-challenge.www.yourdomain.com.
  • TTL: 14400
  • TXT Data: [corresponding to the second TXT Record data in Step 2]

Once again, click Add Record.

Step 5: The final result will look something like this:

Complete TXT records in CPanel

Step 6: Go back to the SSL For Free tab/page (page at Step 1) and click the Download SSL Certificate. If you’ve set up the TXT records correctly, you should get a couple of results like this:

Confirming TXT records

Step 7: You’ll be taken to the Loading SSL Certificate Account page, and then to the Generating SSL Certificate Securely page:

Generating and SSL certificate

Continue reading %A Guide to Setting Up Let’s Encrypt SSL on Shared Hosting%


Source: Sitepoint