How to install and configure your server for free SSL certificate from let’s encrypt if your hosting provider is not supported. To go the installation steps, click here.
1- What is a SSL certificate and why you need it?
I won’t go into too many details here, but SSL means Secure Sockets Layer. This is a security protocol that helps you validate the identity of the website you are visiting, making sure that nobody is eavesdropping your conversation or tampering with. If you want more details, I recommend you to go to the SSL page on Wikipedia. If you provide a member section with authentication or an e-commerce site, you definitively need a valid SSL certificate. But even if you don’t, it is still recommended having one to increase the traffic to your website and reassure your visitors.
2- How much does it cost?
There are several SSL authorities selling certificates and most likely your hosting company proposes some solution integrated with their hosting offer. They may even offer you the certificate for free for the first year. However, there is a free solution provided by the non-profit organization let’s encrypt to help increase the security of the web. Their certificates will be trusted and are secured enough. However, it may be a bit more difficult to install and manage your certificates, and this is why I wrote this post.
3- How to configure your server to use HTTPS?
This will depend of your hosting company and website type. If your hosting company supports let’s encrypt (see list of supported providers here), then just follow their documentation and you will be sorted. I won’t treat this case here. I’m using Namecheap and since they sell their SSL certificates they are not at this time supporting let’s encrypt for automatic installation. We will therefore need SSH access to the server to install the tools needed.If you need help accessing your hosting account using SSH, check with your provider support. once connected to your SSH account, just copy and paste the commands below without the quotes. If you face any issue, post your question in the comments, i’ll help you.
4- step by step instructions
- install acme: < curl https://get.acme.sh | sh >
- if you don’t have an account with acme yet, please register an account with: < acme.sh –register-account –accountemail firstname.lastname@example.org >
- issue the certificate: < acme.sh –issue –webroot ~/webrootfolder -d domainnameA -d www.domainnameA -d domainnameB -d www.domainnameB –force >
- deploy the certificate for all domains: < acme.sh –deploy –deploy-hook cpanel_uapi –domain domainnameA -d www.domainnameA -d domainnameB -d www.domainnameB >
- configure scheduler to renew certificates automatically: < “/home/username/.acme.sh”/acme.sh –cron –home “/home/user/.acme.sh” >
You now have a valid certificate on your website that will renew automatically before expiration (the scheduler will check every day the status of the certificates and renew them as needed).
I hope you were able to follow the steps above, if you faced any issue or would like more details on any points above, please leave a message and i’ll get back to you. If you want me to write about another topic regarding your website, let me know below.