How To Install Let’s Encrypt SSL Certificate Manually In cPanel

How To Install Let’s Encrypt SSL Certificate Manually In cPanel

Updated On:

Let us learn How To Install Let’s Encrypt SSL Certificate Manually In cPanel (Step-by-Step). To install Let’s Encrypt SSL Certificate we need to use a third party website that has been recognized or authorized by Let’s Encrypt to issue the certificates. Before we jump to the installation procedure, let us learn briefly about what is Hyper Text Transfer Protocol Secure (HTTPS) and why do we need Hyper Text Transfer Protocol Secure (HTTPS).

Why should we use SSL or https Encryption on our Websites?

“HTTPS” aka Hyper Text Transfer Protocol Secure is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. The ‘S’ at the end of HTTPS stands for ‘Secure’. It simply means all communications between your browser and the website are encrypted. HTTPS is often used to protect highly confidential online transactions like online banking and online shopping order forms. As a matter of fact, HTTPS has already become the Secure Online Presence Esteem and will grow more and more in near future.

Major Web Browsers such as Chrome, Firefox and Internet Explorer also displaying a padlock icon in the address bar to visually indicate that a HTTPS connection is in effect.

The major benefits of a HTTPS certificate are:

  • Customer information, like credit card numbers, is encrypted and cannot be intercepted
  • Visitors can verify you are a registered business and that you own the domain
  • Customers are more likely to trust and complete purchases from sites that use HTTPS
new_releases

Did you know, Google Set to Name and Shame Sites Lacking HTTPS? Chrome Browser Will Flag Sites Lacking Security Communication Protocol.

About Let’s Encrypt

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).

Let’s Encrypt gives people the digital certificates they need in order to enable HTTPS (SSL) for websites, for free, in the most user-friendly way we can. They do this because they want to create a more secure and privacy-respecting Web.

The key features of Let’s Encrypt are:

  • Free: Anyone who owns a domain name can use Let’s Encrypt to obtain a trusted certificate at zero cost.
  • Automatic: Software running on a web server can interact with Let’s Encrypt to painlessly obtain a certificate, securely configure it for use, and automatically take care of renewal.
  • Secure: Let’s Encrypt will serve as a platform for advancing TLS security best practices, both on the CA side and by helping site operators properly secure their servers.
  • Transparent: All certificates issued or revoked will be publicly recorded and available for anyone to inspect.
  • Open: The automatic issuance and renewal protocol will be published as an open standard that others can adopt.
  • Cooperative: Much like the underlying Internet protocols themselves, Let’s Encrypt is a joint effort to benefit the community, beyond the control of any one organization.

Let’s Start How To Install Let’s Encrypt SSL Certificate Manually In cPanel (Step-by-Step)

For our tutorial we are going to use SSL For Free – Free SSL Certificates to generate the certificate.

1. Go to SSL For Free – Free SSL Certificates website in your preferred browser.

Step 1

2. Enter the domain name of your website in the highlighted option and click on Create Free SSL Certificate option. Now the system will check and verify for your domain.

Step 2

Step 3

new_releases

The Ultimate WordPress Security Guide to enhance security of your WordPress Site. I bet this is something what you want most. No matter what you blog is about or how big or small, Security always come first and for all. Start digging right now!

3. Now the page below will reload explaining how you will verify your domain ownership as well as highlighting the terms and conditions for using on the Let’s Encrypt Agreement. Finally click on Manual Verification which allows you for the manual certificate installation through your cPanel.

Step 4

5. Here you get the detailed information, allowing you to Manually Verify the Domain.

Step 5

6. The following screen will show Upload Verification Files information details. First, click on the two download links to download and save the verification files that will be used to verify the domain on the browser later.

Step 6

7. Now login to your domain cPanel at https://www.yourdomain.com/cpanel, go to the File Manager, public_html folder.

Step 7

Step 8

Step 9

new_releases

Get your favorite Domain today! ZNetLive offers the Cheapest Domain Prices in India. You also get every domain extension you can think of! All in one place. Register your favorite domain right now!

8. Now once you are inside the public_html folder as shown above, create “.well-known” folder by clicking on +Folder icon.

Step 10

9. Next you need to open the .well-known and add “acme-challenge“.

Step 11

10. Now you need to upload the two files downloaded earlier. Click on Upload.

Step 12

11. To verify successful file upload, click the links as shown below in the browser, no error will be displayed for successful upload. If there is no error on the browser, click on Download SSL Certificate.

Step 13

12. The certificate files will be generated, i.e the Certificate, Private Key and CA Bundle. Go to the cPanel, scroll down to the security section and click on SSL/TSL section.

Step 14

13. Then go to Manage SSL sites.

Step 15

14. Copy the keys respectively starting with the Certificate, Private Key and the CA Bundle from the SSL For Free site.

Step 16

new_releases

The Ultimate Guide on How To Start a Blog (Step-by-Step). All in all, you need to start a blog huh? But how to start a blog in right way! I guarantee it’ll be straightforward, moderately simple, and certainly straightforward (no moronic language). Sounds great?

15. Now paste the Certificate, Private Key and the CA Bundlethe keys respectively as shown below in your cPanel. Then click Install Certificate below.

Step 17

16. Then go to the File Manager, public_html, search for .htaccess file, create it if it does not exist. This file contains the code that will allow the website links to redirect and use https:// for secure connections instead of http:// that is currently being used.

Step 18

new_releases

Take a look on 14 Best WordPress Page Builder That Cut Out Coding. Sounds interesting, huh? No need to learn coding and all technicalities. Just start and put your blog live in minutes!

17. Select the file and click on Edit. Copy the code below and go to Save Changes.

Step 19

For Non-WWW version (like I don’t want to use “www“, “vilabin.com” before my domain name) use the following code:

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www. [NC]
RewriteCond %{HTTP_HOST} ^(?:www.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]

For WWW version (like If want to use “www“, “www.yourdomain.com” before your domain name) use the following code:

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www. [NC]
RewriteCond %{HTTP_HOST} ^(?:www.)?(.+)$ [NC]
RewriteRule ^ https://www.%1%{REQUEST_URI} [L,NE,R=301]

Step 21

Congratulations!!! You just made your site “Secure” both for you and most importantly for your visitors! Just open any link of your website and enjoy the green secure https:// before your domain. That’s all! All your existing pages will now open with default https://.

new_releases

Get Free Cloud Web Hosting today. Viewen is the only one of it’s kind in this fast competitive market who provides true “Best Free Cloud Web Hosting and Application Hosting with 100% original cPanel, SSL, Softaculous, PHP, MySQL, Full HTTP/2.0, ALPN Support, Instant Support and NO ADS.”

Note: Your website is now migrated to https from http. But you still need to change or modify the internal or other links which are still using http, otherwise there will be too many errors! If your website is normal html based site then you have to rewrite each urls. But if you are using WordPress then relax there are lots of plugins to handle this mess.

Hey! Check out this cool plugin to rewrite all your urls to https! It’s called Really Simple SSL, and trust me it’s really that simple to use.

Just a word of caution, even when you are using any plugin or manually rewriting the urls, you need to double check that there is no “Mixed Content”, that means some with http and some with https. This will lead to huge errors and many other complexities. So just keep it in mind and restart your project with SSL (Secure Sockets Layer) and be proud to present your information towards your visitors and customers!

Previous Post
How To Show Last Updated Date In WordPress Posts
Next Post
How To Setup SendGrid and Whitelabel Domain Sender Authentication

Related Posts

6 Comments. Leave new

  • Hello. Great article.

    Reply
  • Bro, can u plzz explain me the difference between that certificate that is issued by Cpanel authority and let’s encrypt one….

    And one more thing….which one should I use???

    Reply
    • Rahul Mukherjee
      April 17, 2018 7:17 PM

      Hello Avhishek, thanks for visiting my blog.

      Now, public certificate authorities generally won’t work for the internal services are not reachable from the outside, so they have no way to verify that the certificate is being issued to the right entity. For example, if you asked Let’s Encrypt for a server certificate for xxx.xxx.myinternaldomain.com, Let’s Encrypt needs to be able to verify that the request case from that hostname.

      A domain validated certificate and a self-signed certificate are essentially the same thing. Both provide encryption without trust. When any Tom, Dick, and Harry can get a certificate for a domain name, there’s no trust involved. In my opinion, browser developers shot themselves in the foot (probably at the behest of certificate authorities) when they started putting up ugly warning messages about self-signed certificates. In my opinion, they should have gone in the other direction and made less of a fuss over self-signed certificates. This would have accomplished the same thing that Let’s Encrypt and other DV certificates are doing, by allowing encryption without trust.

      Use Let’s Encrypt if want to use normal DV certificate. On the other hand if you need or want to make sure your visitors are feeling safe while they purchase or do any transaction on your site, then you may want to get a Paid EV certificated which is undoubtedly more secure than the free ones.

      Let me know if this helps you. Thanks!

      Reply
  • Nice post Rahul. In fact I was looking for a similar post few days back but couldnt find any. The steps you mentioned were exactly what I did, but after wasting my 3 hours.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.
You need to agree with the terms to proceed

Menu

Pin It on Pinterest