InMotion Hosting Support Center

Let’s Encrypt is a service provider that provides SSLs for your website for free. This allows you to get a valid SSL certificate for use on your site. SSLs provide secure site connections and have lots of uses. This write-up will show how to get, setup, and maintain an updated SSL.

Shared Servers

Please note that these commands are designed to run in a series, and during the same SSH session.

  1. First, be sure to find the document root for your domain
  2. Then login to your server via SSH
  3. Run the command
    curl --silent https://raw.githubusercontent.com/srvrco/getssl/master/getssl > getssl ; chmod 700 getssl
    This will download the Bash script we will be using to obtain our Let’s Encrypt SSL.
  4. Next, run the command
    sed -i 's/curl -k/curl -Aagent -k/' ./getssl
    This adds a user-agent to the script which helps it to complete one of its tests.
  5. Create base configuration files for your domain by running
    domain=yourdomaingoeshere.com; ./getssl -c $domain
    Be sure to replace yourdomaingoeshere.com with your actual domain.
  6. These commands will setup your configuration file. Enter these one-by-one, in the following order
    configFile=.getssl/$domain/getssl.cfg; sed -i 's/SANS/#SANS/' $configFile
    echo 'CA="https://acme-v01.api.letsencrypt.org"' >> $configFile
    echo "ACL=('/your/document/root/goes/here/.well-known/acme-challenge')" >> $configfile
  7. Obtain the Let’s Encrypt SSL by running
    ./getssl $domain
  8. To install the SSL certificate you will need to login to your cPanel and go to your file manager, Inside your home directory, you will go to the .getssl folder and then the folder for the domain name you are working with. Download the yourdomain.crt yourdomain.key and chain.crt. Once you have them downloaded go back to your cPanel and you will go to the "SSL/TLS manager" and click "Manage SSL sites". Once in here select the domain you want to install the certificate on from the drop down. Open the files you downloaded earlier in notepad or your preferred text editor and and paste them into the fields on the screen, The yourdomain.crt will go into the "Certificate (CRT)" field, yourdomain.key will go into the "Private Key (KEY)" field and lastly the chain.crt will go into the "Certificate Authority Bundle: (CABUNDLE)" field. Ensure you copy the entire contents of each file into these fields. Once these have been pasted in click the "Install Certificate" Button at the bottom of the page. Your SSL is now installed.
  9. Let's Encyrpt SSL certificates only last 90 days, To renew the certificate simply SSH back into your account and run the command below.
    ./getssl yourdomain
    After Running the command repeat step 8 to install the updated certificate.

Awesome! Now you've got a Let’s Encrypt SSL all setup on your shared server.

VPS and Dedicated Servers with cPanel

  1. First login to your server via SSH as root If you do not have root access you can request it by following the directions here
  2. Once logged in you will want to run the command below to enable lets encrypt for AutoSSL.
    /scripts/install_lets_encrypt_autossl_provider
  3. Now that we have enabled lets encrypt we need to set your AutoSSL to use it, login to your WHM as root and go to the "Manage AutoSSL" menu, You can find this by searching for SSL in the searchbox in the upper left hand side.
  4. On the Manage Auto SSL page you will have a list of providers for AutoSSL and you will now have the option for Let's Encrypt. Select the radio button next to Let's Encrypt and then click save below.
  5. On the Manage Auto SSL page select "Manage Users", From here you can enable or disable AutoSSL on a per cPanel account basis, It will be enabled for all by default, AutoSSL will check all domains every 24Hrs for certificates, You can force it to check and provision one now by clicking the "Check 'cpuser'" button on the Manage Users page.

You now have Let's Encrypt setup on your server.

Support Center Login

Our Login page has moved, Click the button below to be taken to the login page.

Social Media Login

   
Social Login Joomla

Related Questions

Here are a few questions related to this article that our customers have asked:
Ooops! It looks like there are no questions about this page.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question
n/a Points
2017-12-07 9:15 pm

I keep getting 

copying challenge token to /public_html/test/.well-known/acme-challenge/9Ns0GfwvF2tt2-8GZ6Mdy0yEHIwIdX4ayHdF4gkrweI

mkdir: cannot create directory `/public_html': Permission denied

getssl: cannot create ACL directory 9Ns0GfwvF2tt2-8GZ6Mdy0yEHIwIdX4ayHdF4gkrweI

And, with a reseller account, I can't get root access.

Is it my error, or can't get there from here?

 

Staff
1,704 Points
2017-12-08 4:52 pm
I would check the user that you are running the commend with. You'll want to SSH and run these commands as the user that owns the domain. If you are using the correct user, it is possible the permissions may need to be reviewed to ensure the user can write to that directory.
2017-12-04 9:52 pm
I just changed to https. Then I went to Whynopadlock.com and got the following error message about the ONE image I uploaded to my site.;

An image with an insecure url of "http://zayantecreekpress.com/wp-content/uploads/2017/12/DSC00010.jpg" was loaded via the javascript file: https://zayantecreekpress.com/wp-content/themes/zerif-lite/js/parallax.js?ver=v1 on line 192. The insecure URL may not be directly contained in the script file and may exist elsewhere.
You may need to contact your web hosting provider for assistance. This URL will need to be updated to use a secure URL for your padlock to return.
Staff
1,704 Points
2017-12-04 10:49 pm
From what the error is indicating, it seems that the script for the theme you are using is loading a non-https version of the image. Either the script needs to be updated or the image should be re-uploaded. I would recommend first trying to re-upload the image. It may just be something simple like that to complete the conversion to https. Also, using a plugin like Velvet Blues, may help to update all your images/references within your website. However, you may need to reach out to the developer of the theme to ask for an update that will load that particular resource/image over https rather than http. I hope this helps!
n/a Points
2017-11-11 10:52 am

I had to create the folders manually starting from well known and so forth... is ther any way to just make it copy the files there... it tries to create the folders and still no go (no permissions)

Staff
10,059 Points
2017-11-13 10:40 am
You will need sudo or root level privileges.
n/a Points
2017-10-24 6:39 pm

Hi, in your instructions, why can we not add other domain versions eg. domain.com and www.domain.com by default like how it is done with the Auto SSL? Without having to force HTTPS on www.domain.com?

Staff
1,704 Points
2017-10-24 7:33 pm
Unfortunately I am unsure as to the reason why that is not a function of Let's Encrypt. However, I did find by reviewing the Let's Encrypt forums that you can create the Certificate to include both, by generating the CSR with the non-www and www versions of the domain included.
n/a Points
2017-10-03 3:00 am

mistake: last part of step 6 for Shared Servers - $configfile needs to be $configFile

Staff
13,821 Points
2017-10-03 6:43 am
Thanks!
n/a Points
2017-11-24 11:54 am

You should also change it on the last line - for ACL

Post a Comment

Name:
Email Address:
Phone Number:
Comment:
Submit

Please note: Your name and comment will be displayed, but we will not show your email address.

13 Questions & Comments

Post a comment

Back to first comment | top

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!