In recent years, there’s been a strong push by Google and others to make the web more secure by encouraging the use of TLS/SSL (transport layer security/secure sockets layer) on every website.
Google has added extra encouragement for using HTTPS by giving a ranking boost to sites, and, like other browser makers, is gradually turning up the heat in Chrome by introducing increasingly alarming alerts on sites without encryption.
Until recently, SSL certificates were quite costly. Let’s Encrypt changed that by offering free certificates.
There are lots of online tutorials showing how to install Let’s Encrypt certificates, but they tend to require quite a bit of technical expertise (knowledge of how to operate a Linux web server and manage root access) and rarely guide you on how to install it through a common shared hosting control panel. If your cPanel or other control panel instance doesn’t provide a feature like One Click Install for Let’s Encrypt SSL (and many don’t), then you may feel there’s no option but to fork out money for a certificate through your web hosting provider.
However, in this article I’ll show you how to install a Let’s Encrypt SSL certificate on your shared web hosting server using the services from SSL For Free. SSL For Free allows you to install a Let’s Encrypt SSL certificate without having to have root access and a VPS, but just a regular shared web hosting server.
Installing Let’s Encrypt SSL Using SSL For Free
Step 1: Head over to the SSL For Free website.
Step 2: In the enter your website to secure input box, type your website domain address (for example:
Step 3: SSL For Free will provide SSL certificates for
Step 4: If you want to add another subdomain (for example:
sub.yourdomain.com), click the Add / Edit Domains link, and you’ll be returned to the domain address input page.
Step 5: Add the subdomain you desire in the input box.
Verify your domain and/or subdomain by SSL For Free
There are three ways to verify your domain by SSL For Free (you can choose any one of them).
- The first is via Automatic FTP Verification. Here, you’ll be asked for data about your web hosting FTP account.
- The second is through Manual Verification. You’ll be prompted to download two files from SSL For Free, which you’ll later upload to your web hosting server.
- The third is through Manual Verification (DNS). This way, you’ll be prompted to create a new TXT record through your web hosting control panel.
Let’s take a look at each of the verification steps.
Method 1. Automatic FTP Verification
Step 1: Click the Automatic FTP Verification button.
Step 2: Below this, you’ll be prompted to input data from your web hosting FTP account. Input the data completely:
If you feel uncomfortable with this way (giving your FTP account access data), then you can choose the second way (which I highly recommend) below.
Method 2. Manual Verification
Step 1: You’ll be prompted to download two files generated by SSL For Free, which you’ll then upload to your web hosting server. Click Manual Verification. (Note: don’t close this tab/page!)
Step 2: Below, you’ll be prompted to download two files generated by SSL For Free. Download both files, saving them on your local computer.
Step 3: In accordance with the instructions of this SSL For Free page, create a new folder/directory called
.well-known. (If you’re in a Windows environment, name it
.well-known. — that is, with an extra dot at the end.) Inside that directory, create a new directory called
acme-challenge. Copy-paste the two downloaded files into the
Step 4: Now upload both files to your web hosting server using your preferred FTP application (such as FileZilla).
Step 5: Upload the
.well-known directory from your local computer to the root directory of your web hosting server (its directory, not the contents in it).
Step 6: Now open a new tab/page in your browser and enter your domain URL, along with the location of the two files. Make sure you see the random numbers and letters:
Step 7: Go back to the SSL For Free tab/page (page at Step 1) and click Download SSL Certificate. Make sure you don’t get a reply like this:
Step 8: If you get an error reply, please repeat Step 1 above, until SSL For Free loads the Loading SSL Certificate Account page. It will then proceed to the Generating SSL Certificate Securely page:
Method 3. Manual Verification (DNS)
In this last verification method option, you’ll be prompted to create a new TXT record in your web hosting control panel.
Here’s what the steps look like in cPanel:
Step 1: Click the Manual Verification (DNS) button on the SSL For Free site.
Step 2: You’ll then be prompted to create a new TXT record according to the data on that page:
Step 3: Open a new tab/page in your browser and log in to CPanel on your server. Go to Zone Editor, and add a record with the following data:
- Type: TXT
- Name: _acme-challenge.yourdomain.com.
- TTL: 14400
- TXT Data: [corresponding to the first TXT Record data in Step 2]
Click Add Record:
Step 4: Then add the second new TXT record with the following data:
- Type: TXT
- Name: _acme-challenge.www.yourdomain.com.
- TTL: 14400
- TXT Data: [corresponding to the second TXT Record data in Step 2]
Once again, click Add Record.
Step 5: The final result will look something like this:
Step 6: Go back to the SSL For Free tab/page (page at Step 1) and click the Download SSL Certificate. If you’ve set up the TXT records correctly, you should get a couple of results like this:
Step 7: You’ll be taken to the Loading SSL Certificate Account page, and then to the Generating SSL Certificate Securely page:
Continue reading %A Guide to Setting Up Let’s Encrypt SSL on Shared Hosting%