A Guide to Setting Up Let's Encrypt SSL on Shared Hosting

Easy to install Let's Encrypt SSL certificate on shared hosting with SSL For Free

In recent years, Google and other companies have vigorously promoted network security, encouraging all websites to use TLS/SSL (Transport Layer Security/Secure Sockets Layer). Google encourages its use by boosting the ranking of HTTPS sites and, like other browser manufacturers, is gradually strengthening Chrome's security measures by displaying more and more alerts on unencrypted sites.

In the past, SSL certificates were quite expensive. Let's Encrypt changed this by offering free certificates.

There are many tutorials on how to install Let's Encrypt certificates online, but these tutorials usually require quite a lot of technical expertise (such as Linux web server operations and root access management) and rarely guide you through common shared hosting Install the control panel. If your cPanel or other control panel instances don't offer features like "One-click Install Let's Encrypt SSL" (many don't), you might feel like nothing else than paying for a certificate through your web hosting provider choose.

However, this article will show you how to install Let's Encrypt SSL certificate on a shared web hosting server using SSL For Free's services. SSL For Free allows you to install Let's Encrypt SSL certificates without root access and VPS, just a normal shared web hosting server.

Key points:

• Use the SSL For Free service, install Let's Encrypt SSL certificate on a shared web host without root access, VPS or additional fees.
• The process of installing Let's Encrypt SSL on a shared hosting includes verifying your domain name with automatic FTP verification, manual verification, or manual DNS verification, and installing the certificate data into your cPanel web hosting server.
• Let's Encrypt SSL certificates are free and offer the same encryption level as paid certificates, but they last only 90 days and require manual renewal or renewal via the auto-renewal feature provided by the hosting provider.

Install Let's Encrypt SSL using SSL For Free

Step 1: Visit the SSL For Free website.

Step 2: In the "Enter the website you want to protect" input box, type your website domain name address (for example: yourdomain.com).

Step 3: SSL For Free will automatically provide you with SSL certificates for yourdomain.com and www.yourdomain.com.

Step 4: If you want to add another subdomain (for example: sub.yourdomain.com), click the "Add/Edit Domain" link and you will return to the domain address input page.

Step 5: Add the subdomain name you want in the input box.

Verify your domain/subdomain with SSL For Free

SSL For Free has three ways to verify domain names (you can choose any of them):

1. Automatic FTP verification: You need to provide web hosted FTP account information.
2. Manual Verification: You need to download two files from SSL For Free and upload them to your web hosting server.
3. Manual DNS verification: You need to create a new TXT record through the web hosting control panel.

Let's look at each verification step.

Method 1. Automatic FTP verification

Step 1: Click the "Auto FTP Verification" button.

Step 2: Below, you will be prompted to enter the data for the Web hosted FTP account. Complete input data:

If you are upset about this approach (providing your FTP account access data), then you can choose the second approach below (I highly recommend it).

Method 2. Manual verification

Step 1: You will be prompted to download the two files generated by SSL For Free and upload them to your web hosting server. Click Manual Verification. (Note: Do not close this tab/page!)

Step 2: Below, you will be prompted to download the two files generated by SSL For Free. Download these two files and save them on your local computer.

Step 3: Create a new folder/directory named .well-known according to the instructions of this SSL For Free page. (If you are using a Windows environment, name it .well-known. - i.e. add an extra point at the end.) In this directory, create a new directory called acme-challenge. Copy and paste the two downloaded files into the acme-challenge directory.

Step 4: Now upload these two files to your web hosting server using your preferred FTP application (e.g. FileZilla).

Step 5: Upload the .well-known directory from your local computer to the root directory of the web hosting server (its directory, not what it has).

Step 6: Now open a new tab/page in your browser and enter your domain URL and the location of these two files. Make sure you see random numbers and letters:

Step 7: Return to the SSL For Free tab/page (page in step 1) and click "Download SSL Certificate". Make sure you don't receive a reply like this:

Step 8: If you receive an error reply, repeat step 1 above until SSL For Free loads the Load SSL Certificate Account page. It will then continue to the "Security Generate SSL Certificate" page:

Method 3. Manual DNS verification

In this last validation method option, you will be prompted to create a new TXT record in the web hosting control panel.

The following are the steps in cPanel:

Step 1: Click the "Manual DNS Verification" button on the SSL For Free website.

Step 2: Then the system will prompt you to create a new TXT record based on the data on the page:

Step 3: Open a new tab/page in your browser and log in to CPanel on the server. Go to the Regional Editor and add a record with the following data:

• Type: TXT
• Name: _acme-challenge.yourdomain.com.
• TTL: 14400
• TXT data: [corresponding to the first TXT record data in step 2]

Click "Add Record":

Step 4: Then add a second new TXT record, with the data as follows:

• Type: TXT
• Name: _acme-challenge.www.yourdomain.com.
• TTL: 14400
• TXT data: [corresponding to the second TXT record data in step 2]

Click "Add Record" again.

Step 5: The final result will be as follows:

Step 6: Return to the SSL For Free tab/page (page in step 1) and click "Download SSL Certificate". If you have set up the TXT record correctly, you should get several results like this:

Step 7: You will be taken to the Load SSL Certificate Account page and then to the "Security Generate SSL Certificate" page:

(The next steps include installing certificates in cPanel and certificate inspection, etc., which are similar to the original text. Duplicate content is omitted here, please refer to the original text)

Summary:

Hope this tutorial shows you how easy it is to use Let's Encrypt to secure a website on a shared hosting. Admittedly, having to use a third-party intermediary is not ideal, but this is not a big drawback given the money you can save. No need to purchase the certificate again.

Remember, the Let's Encrypt certificate lasts only 90 days, not a year (like many paid certificates). A common method of automated reinstallation is through cron jobs, although this is not always allowed on shared hosting. I suggest you contact your web host to learn about the services they provide in this regard.

(The FAQ part is similar to the original text, duplicate content is omitted here, please refer to the original text)

The above is the detailed content of A Guide to Setting Up Let's Encrypt SSL on Shared Hosting. For more information, please follow other related articles on the PHP Chinese website!