Install letsencrypt Free ssl certificate in a shared hosting – Free SSL certificate for your Website

Get Free SSL certificate for your Website

Let’s Encrypt is a certificate authority (CA) from non-profit Internet Security Research Group (ISRG) that provides free X.509 SSLl/TSL certificates via an easy automated process. It removes all complex process of manual creation, validation, signing, installation, and renewal of secure certificates. It is supported by all major browsers.

Note: This SSL certificates do not require a dedicated IP address or dedicated Hosting.
Note: To check your browser support click here.
Note: you only need dedicated ip, if you want to add very old browser support like IE6 on windows xp.

Note: Follow the same steps to renew your certificate also.

Free letsencrypt installation and setup steps on any shared hosting:

1.Install letsencrypt in your local system.
2.Get a certificate.
3.Install letsencrypt certificate on your domain.

1.Install letsencrypt in your local system.

Here we using ubuntu to install it locally. You can also follow this steps for any debian based OS.

Open your terminal app. In terminal type the below command and hit enter to execute it.

cd /usr/local

Then execute the below command in terminal

sudo git clone

This will download letsencrypt on your usr/local folder.

Then type and hit the below command to install it.

sudo ln -sf /usr/local/certbot/certbot-auto /usr/bin/certbot

To check the help menu, execute the below command

certbot --help

[OR] For the older version of letsencrypt client follow below [Let’s Encrypt Client is now Certbot] and not recommended for new fresh install.

sudo git clone
sudo ln -sf /usr/local/letsencrypt/letsencrypt-auto /usr/bin/letsencrypt
letsencrypt --help

2. Get a SSL/TSL certificate with letsencrypt:

To create a new SSL certificate for the domain and, type the below code in terminal and hit enter.

Note: Replace and with your domain.
Example: Here i am using for this tutorial.

certbot certonly --manual --email -d -d

[OR] Try below if your are using older version of  letsencrypt client [not recommended for new fresh install]

letsencrypt certonly --manual --email -d -d

Example for my domain

certbot certonly --manual --email -d -d

It will ask you to agree some license agreements. Type A and Hit Enter for OK.

It will also ask for IP logging. Type Y and hit enter key to confirm it.

Then it will give you a challenge to verify your ownership of the domains. Like below.


Make sure your web server displays the following content at before continuing:


Note: The above challenge looks little different for some version, but the below procedure is same for all.

Suggested Read:  CompleteLock InstallGuard - Block Users from Installing Software on Your Computer

To solve the challenge, go to your domian root that is your public_html folder and create .well-known folder. Inside that .well-known folder create acme-challenge folder and then inside the acme-challenge folder create hRiVw4n5HkMKjGOJ5sM1LH6aZ7PAikvQ50P5v5ol3HYHHH folder.

Here this folder name is different for each user. Note yours and create according to yours. And inside that create a index.html file. Open that file and copy /paste the second content. That is  hRiVw4n5HkMKjGOJ5sM1LH6aZ7PAikvQ50P5v5ol3HYHHH.vBE2BdGTIzmo319dQAzEVl1HjPuYrr80O49aLOblk7M for my case without any space. This content is also varies. Replace it with yours.

You will have to complete this challenge twice for each of the domains provided.

After you complete these two challenges you should get a success message like below screenshot.

3.Install letsencrypt certificate on your domain.

After generating the certificate you need to install it on your domain. Here i am using cpanel control panel to manage my hosting. This procedure is not very different for other control panels.

The certificate is saved in /etc/letencrypt/live/ directory. Replace with your domain name. You can see several files, but we need just the below 3 files.


Here privkey.pem is the private key, cert.pem is the ssl certificate and chain.pem is Certificate Authority Bundle (CABUNDLE).

In your terminal run the below code. it will open nautilus file browser as root.

gksudo nautilus


sudo -E nautilus

Now login to cpanel and look down for SSL/TSL manager. And open it.

Click Generate, view, upload, or delete your private keys link. Now go back to the opened nautilus file browser as root and open the privkey.pem file with any text editor or gedit. Then copy all the contents from that file and paste it on “Paste the key below:” section and click the save button.

Now go to to ssl/tsl manager and click Generate, view, upload, or delete SSL certificates link.And open the cert.pem file with any text editor or gedit as root. Then copy all the contents from that file and paste it on “Paste your certificate below:” section and click the save certificate button.

Now again  go to ssl/tsl manager and click Install and Manage SSL for your site (HTTPS) link. Select your domain from dropdown and Copy the cert.pem content to Certificate: (CRT) box, privkey.pem content to  Private Key: (KEY) box and chain.pem content to Certificate Authority Bundle: (CABUNDLE) text box. And click the Install Certificate button.

Thats it. Now go to in your browser. Replace with your domain.


You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *