13-Apr-2022

Free SSL for domains hosted with Name Cheap

Mostly, NameCheap is an excellent and certainly economical host for your websites. However, unlike many hosts they don’t make getting free SSL certificates easy. Read on to find out how to get free SSL certificates using Lets Encrypt.

To set up free SSL certificates access the back end “shell” is required.

SSH Access

First you need to get SSH access going. On the C Panel navigate to “Manage Shell”. Try searching for it using the C Panel search facility.

Looking at the image below, ensure that the orange circled switch is enabled as shown. Then take note of the connection details circled in green.

Putty or Online

The online “Terminal” option on C Panel works fine and is a quick way to get going. It even logs you in. But you can use a terminal program like Putty to access SSH.

Install Putty and enter the connection data into the configuration as shown in the red rectangles. Save the configuration to make it easier next time.

Next click Open and a terminal screen will be seen prompting for a log in. Enter the user name from the Manage SSH screen and then your user name. If you use a password manager copy the password and then paste it into Putty by right clicking onto where it is to go. Then press return, and if the log in details are correct it will log you in.

Setting up the SSL Certificates

Get the acme.sh utility

curl https://get.acme.sh | sh

Source the Environment variables

source ~/.bashrc

Register your email with Let’s Encrypt to be notified any renewals issue.

acme.sh --register-account --accountemail email@example.com

At this moment a cron entry already has been setup for autorenewal which will auto renew after 60 days., You can update /dev/null to something like below if you need the log.

crontab -l | grep acme.sh
10 0 * * * "/home/CPANEL_USERNAME/.acme.sh"/acme.sh --cron --home "/home/CPANEL_USERNAME/.acme.sh" >> /home/CPANEL_USERNAME/.acme_cron_log

webroot will be any directory in which your domain exists, give the path accordingly.

Test the certificate generation using the staging option.

acme.sh --issue --webroot ~/public_html -d yourdomain.com --staging 

acme.sh --deploy --deploy-hook cpanel_uapi --domain yourdomain.com 

Issue an actual certificate. The force option is needed as the certificate was already generated above and we want to over ride the delay in getting another one.

acme.sh --issue --webroot ~/public_html -d yourdomain.com --force 

In the output you will see “success” if all goes fine and the key, cer, csr and fullchain.cer files will be stored under ~/.acme.sh/yourdomain.com/

Deploy the certificate to C Panel.

acme.sh --deploy --deploy-hook cpanel_uapi --domain mydomain.com --domain www.mydomain.com 

Multiple domains can be done by listing them in the command line with “-d” or “-domain” before them.

References

Leave a Reply

hello world!
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram