Update: This is one of the first tutorial about using letsencrypt in shared hosting when letsencrypt first came out. However, its 2018, and letsencrypt is now This is one of the first tutorial about using letsencrypt in shared hosting when letsencrypt first came out. However, its 2018, and letsencrypt is now certbot . This tutorial might be outdated. The good news is, you can try out the Lets Encrypt Certificate Generator instead!

The gist here is to generate the Let’s Encrypt certificate locally and install it to your server using cPanel. This is the exact steps I used for this domain.

Things Needed

An OS to install and run the Let’s Encrypt client . In this example I will use Ubuntu 14.04 VM on Windows.

. In this example I will use Ubuntu 14.04 VM on Windows. cPanel access . Your cPanel should allow SSL certificates to be installed manually.

. Your cPanel should allow SSL certificates to be installed manually. File upload access to the server. I used SFTP.

Installing the Let’s Encrypt Client

Fire up the terminal and update Ubuntu. sudo apt-get update Then install letsenceypt client using git: git clone https://github.com/letsencrypt/letsencrypt Note: If you don’t have git installed, type: sudo apt-get install git Once its done, go to the directory where the client is installed. For me its: cd letsencrypt

Generating the Lets Encrypt Certificate

Inside the letsencrypt directory, type: ./letsencrypt-auto certonly -a manual --rsa-key-size 4096 -d kosinix.com -d www.kosinix.com Note: Make sure to change kosinix.com to the domain of your website.

The client will prompt you if its OK to log your IP. Choose Yes.

Now, whatever happens, do not press anything yet or you will have to restart the generation process!

Confirming Domain Ownership

Notice that below the prompt is an instruction on how to confirm ownership of your domain: Make sure your web server displays the following content at http://kosinix.com/.well-known/acme-challenge/xuJ_RPQbkGG356A7WRya9JiJ59Lj1dWjS7OG40oQMOM before continuing: xuJ_RPQbkGG356A7WRya9JiJ59Lj1dWjS7OG40oQMOM.oUqbjO_-ZMUbmaC1JeWUVUrSB0ulSIDoHekYe_jffyk

Connect to your server and create the following directory inside your server’s public directory: .well-known/acme-challenge/ Inside it create a text file named xuJ_RPQbkGG356A7WRya9JiJ59Lj1dWjS7OG40oQMOM that contains the string xuJ_RPQbkGG356A7WRya9JiJ59Lj1dWjS7OG40oQMOM.oUqbjO_-ZMUbmaC1JeWUVUrSB0ulSIDoHekYe_jffyk

Note: The strings will be different for you.

Once you are done, go back to the terminal and press the enter. LE will generate one more confirmation. Just repeat step number 6.

Installing the Certificate in cPanel

Type: sudo nautilus Using the file browser as root, navigate to /etc/letsencrypt/live/kosinix.com Login to your cPanel. Copy and paste the SSL info from these files into the cPanel SSL panel: Certificate (CRT) is cert.pem Private Key is privkey.pem Certificate Authority Bundle: (CABUNDLE) or CA is chain.pem I used gedit to open and copy the contents of the .pem files. Note: You can also use the cat command to view text files in the terminal. Eg. cat cert.pem

Bonus: Redirect all request to https

Add this in your .htaccess:

# BEGIN Force SSL # This should be the first rule before other rules <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] </IfModule> # END Force SSL

Additional Resources/References