DEV Community

Cover image for Get a free SSL certificates for your shared-hosting cPanel domain!
Saad Alkentar
Saad Alkentar

Posted on • Edited on

Get a free SSL certificates for your shared-hosting cPanel domain!

Providers like Namecheap give a free SSL certificate with one-year validation for every domain and subdomain you create! it is awesome!
Yet, after finishing this one year, or creating too many subdomains (like I do 😅), you will have to pay 11$ up to 186$ for a single domain, 1 year, SSL certificate!
This article will walk you through using Let's Encrypt's certbot to get a free 3 months SSL certificate for domains without shell access (like shared access domains)

We will cover

  • installing certbot on Ubuntu Linux.
  • generate SSL challenge and pass it to namecheap domain.
  • install the certificates manually using domain cpanel

Install certbot

it is a straightforward operation, Ubuntu comes with snap so

sudo snap install --classic certbot
Enter fullscreen mode Exit fullscreen mode

please check this for other operating systems. simple and easy

Generate the free SSL certificate

looking at my account, I found this subdomain hna.xxx.net

Expired SSL certificate

let's generate a new certificate for this domain. Issue this command at the terminal (after installing chatbot of course)

sudo certbot certonly --manual --preferred-challenges http -d hna.xxx.net -d www.hna.xxx.net
Enter fullscreen mode Exit fullscreen mode

Certbot will ask you to fulfill the HTTP challenge by creating a file on your domain or subdomain with a certain value

http challenge

great, let's create this local file called 2QIY-W... with that special value

Challenge file

it is time to upload it to the website directory at .well-known/acme-challenge, simply use the cpanel file manager to reach that folder, or create it if it doesn't exist

Challenge directory

in my case, I was able to find the .well-known/ folder, but I created the acme-challenge/ folder manually

upload the challenge file, and press enter in our terminal to continue the challenge process

Uploading the challenge file

in my case, it requested uploading another file, number of challenge files is equal to the number of domains we want to create a new certificate for, in our case, we used hna.xxx.net, and www.hna.xxx.net. Usually, I would add the backend domain to the same certificate, somewhat like backend.hna.xxx.net, but hna is a full-stack Laravel project, so there is no need for that.

Uploading the other challenge file

after uploading all challenge files to the requested directories, we can press enter in our terminal to continue the process

Generating the certificates

great job! we have the certificates now! all we need to do is to upload them to our domain

Install the certificate using CPanel

We have the certificates in /etc/letsencrypt/live/ directory, which is a highly secured folder, so I would recommend copying the certificate and its private key out of it.

sudo cp /etc/letsencrypt/live/hna.xxx.net/privkey.pem /home/user/Desktop
sudo cp /etc/letsencrypt/live/hna.xxx.net/cert.pem /home/user/Desktop
Enter fullscreen mode Exit fullscreen mode

and after copying them, let's make them easier to move around by changing their permissions

cd /home/user/Desktop
sudo chmod 777 cert.pem
sudo chmod 777 privkey.pem
Enter fullscreen mode Exit fullscreen mode

nice, but not secure, so be aware to delete those files after uploading them to the website. moving to CPanel now

look for the SSL/TLS in the security section

CPanel security section

we will start by uploading the private key, by choosing Generate, view, upload, or delete your private keys.

Upload the private key

scroll down to "upload key" section, make sure to select the private key and click on "upload"

Upload key

it should show something like this

Upload key successfully

good, now to upload the certificate itself, we need to choose Generate, view, upload, or delete SSL certificates from the first SSL/TLS page

Upload Certificate

similar to uploading key, we need to scroll to the upload certificate section, choose our certificate file, and press the upload certificate button

Upload certificate

upload certificate successfully

finally, let's install it after uploading it

from the first SSL/TLS page, we choose Manage SSL sites

Manage SSL

Scroll down to "Install an SSL Website", select the domain, click on "Autofill by domain"

Autofill certificate data

now scroll to the bottom of the page and click on "Install Certificate"

Install Certificate

Done! 😎

New certificate

Did you have any unexpected issues? please share and let's try solving them together
Do you have a better or easier way to do it? please share

Top comments (0)