Let’s Encrypt is a non-profit SSL certificate authority that’s sponsored by several organizations, including the EFF & Mozilla. Unfortunately, Namecheap (my hosting provider) does not play nicely with Let’s Encrypt – I suspect it’s because they’ve partnered with other certificate authorities that only offer paid SSL certificates. However, there is a workaround that I’ve outlined below. Much of this I workaround I found on Tony Teaches Tech on YouTube.
Note that you must have a hosting plan that allows you to access cPanel. Unfortunately, cPanel is not available on plans like EasyWP.
- Enable SSH access from cPanel by searching for “SSH Access” and toggling it on.
- The search for Terminal in cPanel and open it.
- We need to install the ACME shell script by running the following command:
curl https://get.acme.sh | sh
Once it’s complete, you should have a new directory in your home folder called .acme.sh that has an executable. You can see it by running
- Now let’s run the executable along with some arguments. In my case “chuck.is” will be the website, and “/home/[cPanel username]/www” is the directory the website is hosted (note: your website directory may be different). Run the following command:
.acme.sh/acme.sh --issue --server letsencrypt -d chuck.is -w /home/[cPanel username]/www
Assuming it’s successfully, it will output a certificate and will let you know where the certificates are stored. The certificate and key will be located in the /.acme.sh/[website] directory, as indicated in the output of the command.
- Now we want to copy+paste the certificate and key. There may be an easier way to do this, but I navigated to the directory above and catted out the certificate in the terminal, then copy + pasted it into a text file.
You need to copy all the text including “—–BEGIN CERTIFICATE—–” and “—–END CERTIFICATE—–“.
- I did the same for the key
- Now we need to navigate back to the cPanel homepage and search for “SSL/TLS”. There will be an option under “CERTIFICATES (CRT)” to generate, view, upload, or delete SSL certificates. Click on that.
- Under “Upload a New Certificate” paste the contents of the certificate and be sure to include the “BEGIN/END CERTIFICATE” parts. For description, you can put something like “Let’s Encrypt – chuck.is”. Then hit Save Certificate.
- On the next screen is where you’ll enter the key. Again, be sure to include the “BEGIN/END CERTIFICATE” parts.
It may take a few minutes, but eventually the certificate will be active. You can confirm by clicking the lock icon in your browser and viewing that the site is verified by Let’s Encrypt. That should do it!
Thanks for reading. Feel free to send comments, questions, or recommendations to firstname.lastname@example.org.