Today is the era of privacy and security!
Back in 2018, the browser giant Google Chrome started marking non-HTTPS pages that collect data (registration, login, and contact forms, etc.) as “not secure”. When the visitor starts typing, the text turns red as a warning that the connection between the visitor’s web browser and the server is not secure.
This is a serious threat to your business, especially if you are running an e-commerce store. Here is a glimpse of what it actually looks like:
Doesn’t it look weird?
Many WordPress hosting providers, like Cloudways, have an extensive guide to installing a WordPress SSL certificate on their platform. In this guide, I will cover different ways to add HTTPS to your website by installing an SSL certificate on your cPanel hosting. Let’s understand the terminology first!
What is an SSL Certificate?
It is a digital certificate that ensures a connection is secure and that the communication between a web server and the visitor’s web browser is encrypted. A website with an SSL certificate shows a padlock in the address bar and uses the HTTPS protocol instead of HTTP.
An SSL certificate also protects against man-in-the-middle attacks, in which a hacker can steal the information travelling to and from your web server.
Why Is an SSL Certificate Important?
SSL as a Ranking Signal
Security is always one of the top priorities of Google. Back in 2014, Google started encouraging website owners to switch from HTTP to HTTPS to make the web a safe place.
At the time, Google stated:
Over the past few months, we’ve been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms. We’ve seen positive results, so we’re starting to use HTTPS as a ranking signal.
SSL Improves Customers’ Trust
All the web browser giants have started marking non-HTTPS sites as not secure. Would you trust a business showing a red warning message that the site isn’t secure?
Having a green padlock icon increases your brand credibility and visitors’ trust, which can help you drive more sales.
Types of SSL Certificates
There are four types of SSL certificates described below:
- Single Domain
A single SSL certificate can be used on one domain only, e.g. example.com
- Multi-domain
A single SSL certificate can be used on multiple domains, e.g. example.com, abc.com, xyz.com
- Wildcard
A single SSL certificate can be used for an entire pool of subdomains, e.g. example.com, sub1.example.com, sub2.example.com
- Multi-domain Wildcard
A single SSL certificate can be used as both multi-domain and wildcard, e.g. example.com, sub1.example.com, abc.com, sub1.abc.com
There are a number of SSL certificate providers available online, such as Comodo, RapidSSL, Cloudflare, etc. For this article, however, I will be using a free SSL certificate provider, Let’s Encrypt.
What is Let’s Encrypt?
According to the Let’s Encrypt official website:
Let’s Encrypt is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG).
Meaning, anyone who owns a domain name can easily secure the communication between their visitors and the web server at no cost.
The focus of this article is to show how to install a Let’s Encrypt certificate on a widely used web hosting control panel, cPanel.
Install Let’s Encrypt on cPanel
Prerequisites
- The domain name should be propagated already.
- cPanel also includes parked domains; make sure they are propagated too before starting the Let’s Encrypt installation on cPanel.
- Let’s Encrypt certificates expire after 90 days. Renewal is automatic on most cPanel-based hosting; on others, you may need to renew manually.
- If certificate issuance fails 5 times per domain in an hour for some reason, you may need to wait for the next hour.
To learn more about Let’s Encrypt’s limitations, have a look here.
Install Let’s Encrypt on cPanel Using SSL For Free
SSL For Free is an online tool that generates a Let’s Encrypt certificate on your behalf. Visit SSL For Free and enter your domain name (without www) and click “Create Free SSL Certificate”.
It will take you to the next screen, which asks for your preferred method of verifying domain ownership. In my example, I’ve gone with Manual Verification.
Next, click on Manually Verify Domain; it will generate a few required files that need to be uploaded to your cPanel. Download both of the files.
Open the file manager and go into the public_html folder, then create a folder named “.well-known” if it does not already exist. Now go into the “.well-known” folder and create another folder named “acme-challenge”.
Now, upload the previously downloaded files to “acme-challenge”.
Once uploaded, head over to these URLs to verify the successful upload. (Replace example.com with your domain name)
- http://example.com/.well-known/acme-challenge/Kf_kczUj3hB8rmovmViAXktkUXuFxU3Z9HQpBp0NEn4
- http://www.example.com/.well-known/acme-challenge/KRuZIBNu-coGwgu2ACmU4V_9xelLPWepJbQAKzDfKLU
You should see some random alphanumeric characters. Now, click the Download SSL Certificate button.
And you will get three things:
- Certificate (CRT)
- Private Key (KEY)
- Certificate Authority Bundle (CABUNDLE)
Do not close this tab! Within your cPanel, head over to SSL/TLS under the security tab.
Then go to Manage SSL sites.
Select the domain name, enter the CRT, KEY, and CABUNDLE generated above, and click on the Install Certificate button.
That’s all! The Let’s Encrypt certificate is installed on your cPanel.
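The upload check from the verification step can be scripted, so a broken challenge file is caught before you request the certificate. This is an added example, not part of the original guide or of SSL For Free; it assumes the files follow the ACME HTTP-01 format from RFC 8555 (file name is the token, body is `<token>.<43-character thumbprint>`), and the function names and the sample thumbprint are made up for illustration.

```python
import re
import urllib.request

# ACME HTTP-01 (RFC 8555, section 8.3): the file is named after the token and
# its body is "<token>.<base64url SHA-256 thumbprint>", 43 chars of thumbprint.
TOKEN_RE = re.compile(r"^[A-Za-z0-9_-]+$")
KEYAUTH_RE = re.compile(r"^([A-Za-z0-9_-]+)\.([A-Za-z0-9_-]{43})$")

# Token taken from the example URL in this guide; the thumbprint is constructed.
SAMPLE_TOKEN = "Kf_kczUj3hB8rmovmViAXktkUXuFxU3Z9HQpBp0NEn4"
SAMPLE_BODY = (SAMPLE_TOKEN + "." + "A" * 43 + "\n").encode()


def check_challenge_body(token, body):
    """Return a list of problems with a served challenge body (empty = OK)."""
    if not TOKEN_RE.match(token):
        return ["token in URL contains characters outside base64url"]
    problems = []
    text = body.decode("utf-8", errors="replace")
    if text.startswith("\ufeff"):
        problems.append("file starts with a UTF-8 BOM added by an editor")
        text = text.lstrip("\ufeff")
    lowered = text.lower()
    if "<html" in lowered or "<!doctype" in lowered:
        # Typical when the CMS answers with its own 404 or login page.
        return problems + ["server returned an HTML page, not the challenge file"]
    match = KEYAUTH_RE.match(text.rstrip())  # trailing whitespace is tolerated
    if not match:
        problems.append("body is not '<token>.<thumbprint>'")
    elif match.group(1) != token:
        problems.append("body belongs to a different token than the file name")
    return problems


def fetch_and_check(domain, token, timeout=10):
    """Fetch the challenge over plain HTTP, the scheme the check URLs use."""
    url = f"http://{domain}/.well-known/acme-challenge/{token}"
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return check_challenge_body(token, resp.read())


if __name__ == "__main__":
    print(check_challenge_body(SAMPLE_TOKEN, SAMPLE_BODY))
```

Call `fetch_and_check("example.com", token)` once for the bare domain and once for the www host, since each has its own file.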
Contact Your Web Hosting Provider
If none of the above methods worked for you, contact your web hosting provider and ask whether they support Let’s Encrypt and, if so, how to install it. Most of the time the web hosting provider has a guide.
Renew Let’s Encrypt SSL Certificate
As you can see, we have provided the email address in the above methods. Let’s Encrypt will remind you about the expiry. Make sure you enter the correct email address to avoid any inconvenience. It is always a good idea to renew an SSL certificate before it expires.
Force HTTPS Everywhere
We have successfully installed the SSL certificate, but visitors will still be able to browse via HTTP. You need to force visitors onto HTTPS only. To do this, add the lines of code below at the TOP of your .htaccess file.
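# Redirect to HTTPS unless the request already arrived over TLS,
# either directly or through a proxy that sets X-Forwarded-Proto.
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP:X-Forwarded-Proto} !https [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]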
If you do not see a padlock icon on some pages, make sure all the URLs present on that page use the HTTPS protocol. This is called a mixed content warning. You need to either remove those URLs or replace HTTP with HTTPS.
There is an excellent tool by JitBit that identifies all the HTTP URLs on a particular page.
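The mixed content check described above can also be run locally against a saved page. The following is an added example, not the JitBit tool or code from the original guide; the sample HTML is constructed and the class and function names are illustrative. It reports only URLs the browser loads as subresources, so ordinary links and canonical tags are skipped.

```python
from html.parser import HTMLParser

# (tag, attribute) pairs that make the browser load a subresource.
# <a href> is absent on purpose: a link to an HTTP page is navigation, not
# mixed content. <link> is handled separately because only some rel values
# trigger a fetch.
ACTIVE = {("script", "src"), ("iframe", "src"), ("object", "data"), ("embed", "src")}
PASSIVE = {("img", "src"), ("audio", "src"), ("video", "src"), ("source", "src")}

# Constructed sample page (not taken from a real site).
SAMPLE = """<html><head>
<link rel="stylesheet" href="http://example.com/wp-content/themes/x/style.css">
<link rel="canonical" href="http://example.com/">
<script src="https://example.com/wp-includes/js/jquery.js"></script>
</head><body>
<a href="http://example.org/">external link</a>
<img src="http://example.com/wp-content/uploads/logo.png">
<img src="//cdn.example.com/banner.png">
<iframe src="HTTP://example.net/widget"></iframe>
</body></html>"""


class MixedContentScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (kind, tag, url) in document order

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "link":
            rel = a.get("rel", "").lower().split()
            if "stylesheet" in rel:
                self._check("active", tag, a.get("href", ""))
            elif "icon" in rel:
                self._check("passive", tag, a.get("href", ""))
            return
        for kind, table in (("active", ACTIVE), ("passive", PASSIVE)):
            if any(t == tag and attr in a for t, attr in table):
                attr = next(at for t, at in table if t == tag and at in a)
                self._check(kind, tag, a[attr])

    def _check(self, kind, tag, url):
        # The URL scheme is case-insensitive; protocol-relative URLs are fine.
        if url.strip().lower().startswith("http://"):
            self.findings.append((kind, tag, url.strip()))


def find_mixed_content(html):
    scanner = MixedContentScanner()
    scanner.feed(html)
    return scanner.findings
```

Fix the "active" findings (scripts, stylesheets, iframes) first, because browsers block those outright rather than just dropping the padlock.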
Final Words!
As you can see, we have successfully installed the free Let’s Encrypt SSL certificate on our domain name. If you encounter any issues, try reaching out to your web hosting support or leave a comment. I will try to help you out.
priya says
This is really an excellent blog as well as its content.