Install Let’s Encrypt Free SSL via SSH with Auto-Renewal Cron Job

How to Install Free SSL From Let’s Encrypt on any Shared Hosting via SSH with Auto-Renewal Cron Job

The process involves four steps:

1. We will get the acme.sh script copied to our hosting.
2. We will install acme.sh script on hosting. You don’t need to have root access for this.
3. We will get an SSL certificate by running a simple script.
4. Finally will Installing certificate using cPanel.

So lets get started with each of these steps one by one.

Step 1 – Firstly you will need cPanel and SSH login details ready with you. You may get this at the time of Domain & Hosting Registration. Secondly, you will need software called Putty to connect to a hosting server via SSH. Go to Putty.org and get a standalone version.
To get SSH login details, If you have a Godaddy hosting provider then after login to the website, go to my products and then under the web hosting, click on manage. Then under the settings panel, click on the server tab. Here you will get an IP address for login to SSH. Also if you don’t have SSH enabled you can click on manage then enabled it. Open putty software. Add IP address under Hostname and keep port to 22 as it is. Then choose the connection type to SSH. Click on Open. The login credential will be the same as your cPanel credential. Type username and password to connect. When you type a password you will not see anything. Just hit enter after typing your password. After login, we will install acme.sh script on our host to get SSL. Just copy this git command.

git clone https://github.com/acmesh-official/acme.sh.git

Before doing this lets see where this will save script and SSL on your cPanel, so login to cPanel as well to see the location. After login to cPanel click on File Manager. You will be presented with the root directory for your hosting account. This will be the place where acme.sh script will be saved. So go back to putty paste the command you have copied then right-click on a black screen and hit enter. Files will be automatically copied from GitHub to your host. Then copy the next command cd ./acme.sh to enter into the folder just created.
Paste command by right-clicking and hit enter.
Now let’s see where these scripts have been saved in our hosting. Just reload, & you will see a new folder with the name acme.sh. Click on it. Inside you will find the files which have been copied from Github.

Step 2 – Now we want to install acme.sh script on our hosting. Copy installation command ./acme.sh --install and go back to putty right-click to paste and hit enter. The script will be installed. You might get a warning to install socat script but you can simply ignore this as it is not required. By this time the cron job script also ran on your script. You can confirm this by going to Cron Jobs setting on cPanel. This will check regularly on a daily basis if you have an SSL certificate expired or not, if expired then will get a new one automatically. We will need to change this setting to run it once on a daily basis automatically. You can keep all settings as it is. Don’t need to change anything else.

Step 3 – Next we will get an SSL certificate. Close the putty program and reopen. If you do not do so you will get an error. Copy this command & before pasting just replace the hosting username and domain name with yours. acme.sh --issue -d sunilchauhan.com -d www.sunilchauhan.com -w /home/sunilchauhan/public_html. Right-click to paste and hit enter. You will get errors if you did not close and reopen putty software. So you have to close it and reopen it again. Login again and then copy the command then right-click to paste on putty then hit enter. Hurray, we finally get the SSL certificates. So let’s see where it has been saved on our hosting. Open File manager, here in the root directory you can see there are two new folders acme.sh & .achme.sh. We will check inside the .acme.sh folder. Under your domain name folder, you will get all certificates required to be installed.

Step 4 – Finally we are going to install certificates. There are 2 methods, first is automatic which requires a simple command to be run. Second method is manual installation via cPanel. We will see both.

Automatic Method: Copy the code below & before coping make sure you replace the domain name with yours. Go back to putty right-click to paste on it and hit enter.

acme.sh --install-cert -d sunilchauhan.com \
--ca-file ca.cer \
--cert-file      sunilchauhan.com.cer  \
--key-file       sunilchauhan.com.key \
--fullchain-file fullchain.cer \
--reloadcmd     "service apache2 force-reload"

If you don’t have full access to hosting you’ll get an error like a service command not found. This simply means you don’t have access to the service command which actually requires restarting your apache server. Without this certificates will not be installed automatically and that is why the second method is useful. Alright, now close the putty. Its work has been done.

Manual Method: Go back to the file manager using cPanel. Go to .achme.sh folder. Then go to your domain name folder. Now we will install these certificates using cPanel. Go to the cPanel dashboard and click on the SSL/TLS icon. Under Install and Manage SSL click on the link Manage SSL Sites. Then scroll down the domain section and choose your domain. Go back to the file manager then check the file with .cer file extension. Right-click on the file and click view. Copy the whole code as it is. Go back to another tab where we have opened Manage SSL Sites. Paste the code into the certificate input box. Go back to the file manager & check the file with the .key file extension. Right-click on the file and click view and then copy the whole code as it is. Paste it into the Private Key input section. Go back to the file manger and check the file ca.cer right-click then click view and copy the whole code & paste it into the certificate authority bundle. Finally click on the install certificate button. Success popup will display and your site now has a secure SSL certificate with a padlock icon and https in the address bar.