Providers like Namecheap give a free SSL certificate with one-year validation for every domain and subdomain you create! it is awesome!
Yet, after finishing this one year, or creating too many subdomains (like I do 😅), you will have to pay 11$ up to 186$ for a single domain, 1 year, SSL certificate!
This article will walk you through using Let's Encrypt's certbot to get a free 3 months SSL certificate for domains without shell access (like shared access domains)
We will cover
- installing certbot on Ubuntu Linux.
- generate SSL challenge and pass it to namecheap domain.
- install the certificates manually using domain cpanel
Install certbot
it is a straightforward operation, Ubuntu comes with snap so
sudo snap install --classic certbot
please check this for other operating systems. simple and easy
Generate the free SSL certificate
looking at my account, I found this subdomain hna.xxx.net
let's generate a new certificate for this domain. Issue this command at the terminal (after installing chatbot of course)
sudo certbot certonly --manual --preferred-challenges http -d hna.xxx.net -d www.hna.xxx.net
Certbot will ask you to fulfill the HTTP challenge by creating a file on your domain or subdomain with a certain value
great, let's create this local file called 2QIY-W... with that special value
it is time to upload it to the website directory at .well-known/acme-challenge
, simply use the cpanel file manager to reach that folder, or create it if it doesn't exist
in my case, I was able to find the .well-known/
folder, but I created the acme-challenge/
folder manually
upload the challenge file, and press enter in our terminal to continue the challenge process
in my case, it requested uploading another file, number of challenge files is equal to the number of domains we want to create a new certificate for, in our case, we used hna.xxx.net, and www.hna.xxx.net. Usually, I would add the backend domain to the same certificate, somewhat like backend.hna.xxx.net, but hna is a full-stack Laravel project, so there is no need for that.
after uploading all challenge files to the requested directories, we can press enter in our terminal to continue the process
great job! we have the certificates now! all we need to do is to upload them to our domain
Install the certificate using CPanel
We have the certificates in /etc/letsencrypt/live/
directory, which is a highly secured folder, so I would recommend copying the certificate and its private key out of it.
sudo cp /etc/letsencrypt/live/hna.xxx.net/privkey.pem /home/user/Desktop
sudo cp /etc/letsencrypt/live/hna.xxx.net/cert.pem /home/user/Desktop
and after copying them, let's make them easier to move around by changing their permissions
cd /home/user/Desktop
sudo chmod 777 cert.pem
sudo chmod 777 privkey.pem
nice, but not secure, so be aware to delete those files after uploading them to the website. moving to CPanel now
look for the SSL/TLS in the security section
we will start by uploading the private key, by choosing Generate, view, upload, or delete your private keys.
scroll down to "upload key" section, make sure to select the private key and click on "upload"
it should show something like this
good, now to upload the certificate itself, we need to choose Generate, view, upload, or delete SSL certificates
from the first SSL/TLS page
similar to uploading key, we need to scroll to the upload certificate section, choose our certificate file, and press the upload certificate button
finally, let's install it after uploading it
from the first SSL/TLS page, we choose Manage SSL sites
Scroll down to "Install an SSL Website", select the domain, click on "Autofill by domain"
now scroll to the bottom of the page and click on "Install Certificate"
Done! 😎
Did you have any unexpected issues? please share and let's try solving them together
Do you have a better or easier way to do it? please share
Top comments (0)