Google has announced a compulsory ssl certificate for every website including blogging sites. this has led all bloggers in search of the certificates in a low cost or a rather free one. In this article is to explain a free installation of Let’s Encrypt Free ssl certificate on any shared hosting or cPanel. Hope this is going to be useful.
What is Let’s Encrypt/
Let’s Encrypt is a non-profitable certificate authority for encryption of web connections to world wide web. It is run by Internet security research group and all certificates are valid for 90 day period and users has to force renewal after the same period of time.
The key principles behind Let’s Encrypt are:
- Free: Anyone who owns a domain name can use Let’s Encrypt to obtain a trusted certificate at zero cost.
- Automatic: Software running on a web server can interact with Let’s Encrypt to painlessly obtain a certificate, securely configure it for use, and automatically take care of renewal.
- Secure: Let’s Encrypt will serve as a platform for advancing TLS security best practices, both on the CA side and by helping site operators properly secure their servers.
- Transparent: All certificates issued or revoked will be publicly recorded and available for anyone to inspect.
Open: The automatic issuance and renewal protocol will be published as an open standard that others can adopt.
- Cooperative: Much like the underlying Internet protocols themselves, Let’s Encrypt is a joint effort to benefit the community, beyond the control of any one organization.
Steps to install Free SSL Certificate:
- Login into cPanel
- Enable SSH Access
- Download Putty
- Launch putty and connect it to your site
- Enter the below command to download Let’s encrypt binary:
curl https://get.acme.sh | sh
- Disconnect and re-connect putty session
- Register your gmail as below to get updates regarding SSL certificate
acme.sh --register-account --accountemail firstname.lastname@example.org
- Generate certificate using below command
acme.sh --issue --webroot ~/public_html -d yourdomain.com -d www.yourdomain.com --force
- Deploy the certificate to your cpanel,
acme.sh --deploy --deploy-hook cpanel_uapi --domain yourdomain.com
- Enter below command to check auto renew in crontab,
crontab -l | grep acme.sh
- The above command output should like below,
10 0 * * * "/home/CPANEL_USERNAME/.acme.sh"/acme.sh --cron --home "/home/CPANEL_USERNAME/.acme.sh" > /dev/null
Please drop a comment if you face any difficulties.