Last year, I heard about Let’s Encrypts free SSL. But I was using WordPress.com to host my website. So I already had SSL on my site. So I did not pay much attention to it.
From 2017, I am quite serious about my site and have a plan to write regularly on my blog. I have a “bad reputation” for coming up with a new idea every morning. So yesterday I installed the free SSL certificate on my shared hosting and saved 10 USD!
So here’s how I did it.
- Searched for “Free SSL” on google. (I forgot the name Let’s Encrypt ? ).
- Then I found a couple of organizations and the name “Let’s Encrypt” clicked in my head! Because my boss mentioned this name earlier.
- Then I searched again “Let’s encrypt on a shared hosting” and opened another tab to check if NameCheap has any built-in support for Let’s Encrypt. So I searched again.
- Then I found this article: How To Install Free SSL From Let’s Encrypt On Shared Hosting
- Opened up the terminal on my MacBook and wrote
ssh -p 21098 myUserName@sekander.pro
Here
-p 20198
is the port number for shell access. I got the port number from NameCheap’s Support doc. - Then I used my cPanel password as the shell password.
But the terminal told me that I do not have shell access enabled on my hosting. So I contacted NameCheap support via live chat.
- So I logged in again and ran the commands following commands
git clone https://github.com/kelunik/acme-client
cd acme-client
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"; php composer-setup.php; php -r "unlink('composer-setup.php');"; php composer.phar install --no-dev
php bin/acme setup --server letsencrypt --email your@email.com
php bin/acme issue --domains yourdomain.com:www.youdomain.com --path /home/x123011738/public_html:/home/x123011738/public_html --server letsencrypt
Requesting certificate ... Successfully issued certificate. See /home/x123011738/acme-client/data/certs/acme-v01.api.letsencrypt.org.directory/yourdomain.com
cd /home/x123011738/acme-client/data/certs/acme-v01.api.letsencrypt.org.directory/yourdomain.com
Then I copied the contents of the fullchain and key file using the commands below and saved on my desktop with the same name.
cat fullchain.pem
cat key.pem
- Then, I logged into the cPanel of my site and found the option to manage SSL Certificates. I selected the domain and uploaded the files I have made on my desktop.If your site has static HTML files, then you’re done till here. But mine is a WordPress powered site. So I had to change the URL structure from
wp-admin → Settings → General
. I have changed http://sekander.pro to https://sekanderb.com and then saved the settings. - But I was not happy yet. Because I found the SSL certificate on the single posts and pages. But it was not working on the homepage ?
- So I had to google again “Setup SSL WordPress” and found that I need to paste something in my .htaccess file!
- I logged in to the cPanel again and good lord! There’s no .htacess file on the hosting root! How’s this possible! How can a WordPress site run without a .htacess file!
Then my colleague, who luckily works on the Dokan plugin support team, told me that it could be hidden. So I enabled showing hidden files and voila! The file was there with hefty lines of rewrite rules and allowing file types to uploading. - I pasted the following lines at the very end of the .htacess file
<IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.yoursite.com/$1 [R,L] </IfModule>
This article has more detailed information: How to Add SSL and HTTPS in WordPress
It helped me to redirect the traffic with http to redirect to https. So now I can see the green https on the home page ?
- I have setup a cron job to renew the SSL certificate every month.
This is all I have done to activate SSL on this site. If you get confused or need any clarification from me, feel free to comment below 🙂
Leave a Reply