Get Let's Encrypt running on shared hosts

Discussion in 'White Hat SEO' started by bartosimpsonio, Feb 10, 2016.

  1. bartosimpsonio

    bartosimpsonio Jr. VIP Jr. VIP Premium Member

    Mar 21, 2013
    Likes Received:
    Home Page:
    Tested this on Namecheap, works just fine. https is a FREE way to earn a few white hat points, it's the low hanging fruit. Grab it first.

    Follow these steps to get Let?s Encrypt SSL certs installed for your shared hosting domains. This should work on any shared hosting where the Cpanel allows for SSL management. 1) Download the Let?s Encrypt client. Instructions here.

    2) Download the ?Automating it all? Bash script from here
    Save the script as gencert on a Linux host.
    Run chmod +x ./gencert on your shell
    Now edit gencert and go to line number 65. Change the very first word from letsencrypt to letsencrypt-auto
    3) Add letsencrypt-auto path to your PATH environment variable.
    4) Run ./gencert
    5) Answer A to Agree on the first question. DO NOT PROCEED NOW, LEAVE THIS SCRIPT AS IT IS FOR NOW.
    Now this is the important part
    6) Go back to your web browser. Open your Cpanel for the hosting account.

    7) Open File Manager, choose the domain for which you?re creating a cert.

    8) Go to the public html root and create a new folder called .well-known. Open .well-known
    9) In .well-known create a new folder called acme-challenge. Open acme-challenge
    10) Now go back to the terminal where you ran gencert and read the line that says :

    printf ?%s? asd9f9sadf9asd9f9asd9fa9sdf.ds90f9-bv0sd90fs9df9sd9f9sd9asd-sdfsd0fsd0f0sdf0s0df0sdf > .well-known/acme-challenge/sd9f9sdf9s9df9sd9f9sdf9s9df99sdf9
    Copy that last part after acme-challenge/
    11) Go back to Cpanel File Manager and under acme-challenge/ create a blank file called sd9f9sdf9s9df9sd9f9sdf9s9df99sdf9 (whatever you copied just now)
    12) Now edit the blank file. Leave it blank and go back and look at that terminal screen again:
    printf ?%s? asd9f9sadf9asd9f9asd9fa9sdf.ds90f9-bv0sd90fs9df9sd9f9sd9asd-sdfsd0fsd0f0sdf0s0df0sdf > .well-known/acme-challenge/sd9f9sdf9s9df9sd9f9sdf9s9df99sdf9
    13) Copy that first string, exemplified here in bold.
    14) Paste it to the file you have open on Cpanel. SAVE it.
    15) Look at the Cpanel file path, it should be something like public_html/YOURDOMAIN.COM/.well-known/acme-challenge/. Copy the part from the domain on and paste it into a new browser window URL along with the second part as file name, for example: http://YOURDOMAIN.COM/.well-known/acme-challenge/sd9f9sdf9s9df9sd9f9sdf9s9df99sdf9.

    It should now show a blank screen with only the string asd9f9sadf9asd9f9asd9fa9sdf.ds90f9-bv0sd90fs9df9sd9f9sd9asd-sdfsd0fsd0f0sdf0s0df0sdf you copied in step 12. If this showed up, then success! You?re ready to create your cert.

    If it did not show up, check all the steps before for typos, white spaces and so on. These strings must all be identical, no white spaces and upper/lower case chars changed.
    16) Go back to the terminal and type Y to procede with gencert
    The script will now verify that http://YOURDOMAIN.COM/.well-known/acme-challenge/sd9f9sdf9s9df9sd9f9sdf9s9df99sdf9 exists and that its contents are asd9f9sadf9asd9f9asd9fa9sdf.ds90f9-bv0sd90fs9df9sd9f9sd9asd-sdfsd0fsd0f0sdf0s0df0sdf

    (Obviously these will be your signature strings not the bogus ones from here.)
    If everything went well, you now have a certs/YOURDOMAIN.COM directory that contains your private key, and on your current directory you should see 000X_chain.pem file.
    17) Go to Cpanel?s SSL manager. Choose YOURDOMAIN.COM
    18) Open 000x_chain.pem file on your favorite text editor.
    Inside it there are two certificates, you should easily identify them, they?re just one on top of the other. The first one is for your domain name (CRT). The second one is the certificate authority bundle (CAB). Copy the above one including ??BEGIN CERTIFICATE?? and ??END CERTIFICATE?? and paste to the CRT text field in Cpanel. Copy the below one and paste to the CAB field. The fields should indicate a green arrow if all went well.
    19) Open certs/YOURDOMAIN.COM/privakeyX.pem and copy everything and paste it to the middle box (KEY)

    20) Click Install Certificate and enjoy!
    If everything went ok you can now type https://YOURDOMAIN.COM and see your website via a secure link. Cheers!

    Source via Reddit