Mostly, NameCheap is an excellent and certainly economical host for your websites. However, unlike many hosts they don’t make getting free SSL certificates easy. Read on to find out how to get free SSL certificates using Lets Encrypt.
To set up free SSL certificates access the back end “shell” is required.
First you need to get SSH access going. On the C Panel navigate to “Manage Shell”. Try searching for it using the C Panel search facility.
Looking at the image below, ensure that the orange circled switch is enabled as shown. Then take note of the connection details circled in green.
The online “Terminal” option on C Panel works fine and is a quick way to get going. It even logs you in. But you can use a terminal program like Putty to access SSH.
Install Putty and enter the connection data into the configuration as shown in the red rectangles. Save the configuration to make it easier next time.
Next click Open and a terminal screen will be seen prompting for a log in. Enter the user name from the Manage SSH screen and then your user name. If you use a password manager copy the password and then paste it into Putty by right clicking onto where it is to go. Then press return, and if the log in details are correct it will log you in.
curl https://get.acme.sh | sh
Source the Environment variables
Register your email with Let’s Encrypt to be notified any renewals issue.
acme.sh --register-account --accountemail firstname.lastname@example.org
At this moment a cron entry already has been setup for autorenewal which will auto renew after 60 days., You can update
/dev/null to something like below if you need the log.
crontab -l | grep acme.sh
10 0 * * * "/home/CPANEL_USERNAME/.acme.sh"/acme.sh --cron --home "/home/CPANEL_USERNAME/.acme.sh" >> /home/CPANEL_USERNAME/.acme_cron_log
webroot will be any directory in which your domain exists, give the path accordingly.
Test the certificate generation using the staging option.
acme.sh --issue --webroot ~/public_html -d yourdomain.com --staging acme.sh --deploy --deploy-hook cpanel_uapi --domain yourdomain.com
Issue an actual certificate. The force option is needed as the certificate was already generated above and we want to over ride the delay in getting another one.
acme.sh --issue --webroot ~/public_html -d yourdomain.com --force
In the output you will see “success” if all goes fine and the key, cer, csr and fullchain.cer files will be stored under
Deploy the certificate to C Panel.
acme.sh --deploy --deploy-hook cpanel_uapi --domain mydomain.com --domain www.mydomain.com
Multiple domains can be done by listing them in the command line with “-d” or “-domain” before them.