Hello Sunil
How to Install Let’s Encrypt SSL on WordPress Website

How to Install Let’s Encrypt SSL on WordPress website

In my previous blog post I have discussed about SSL, how it works and why we should use it. In this article I will explain how you can install Let’s Encrypt SSL certificate on your WordPress website. SSL certificates have become a more highly visible topic lately due to Google’s policy announcement in the year of 2016. But recently Google has announced again “Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as not secure”. You can read the full article from here.

If you are searching on the web to get a free SSL certificate to secure your website which eventually impacts your Google’s search ranking then you are at the right place. I will describe step by step process how you can get a  Let’s Encrypt SSL  certificate which is free to use and best way to create trust among your readers who visits your website. Lets begin…

Let’s Encrypt is a certificate authority that launched on April 12, 2016 that provides free certificates for Transport Layer Security (TLS) encryption. However for an average user obtaining a certificate from Let’s Encrypt and getting it installed on a web server isn’t always an easy task.The level of difficulty varies from hosting service to hosting service. Most of hosting services would rather sell an SSL certificate to their user which generate revenue for them so that  it is in their interest to make using Let’s Encrypt difficult or impossible.

I am currently using Godaddy as my hosting service where I am going to install Let’s Encrypt on shared hosting account. Sometimes it is daunting stuff for novice user to install SSL certificate from Let’s Encrypt who has just started his blog and wants to shield his blog with SSL so that here I will mention a fairly simple method where you do not need to mess up with any command line.

Here are some typical steps for installation of Let’s Encrypt on the shared server

Step-1: Generate CSR (Certificate Signing Requests)

Step-2: Generate SSL Certificate with CSR

Step-3: Install SSL on server

Step-4: Change the Site URLs using WordPress dashboard

Before makes  your hands dirty I would like to highlight, you need to frequently switch between Godaddy and  ZeroSSL interface.

Please follow below step by step process as mentioned:

Step 1: Login to your Godaddy dashboard -> Security ->  SSL/TLS

Godaddy’s SSL/TLS option
Godaddy’s SSL/TLS option

Step 2:  A new page will open like shown below. In order to generate a new CSR click on the second “Certificate Signing Requests (CSR)” option.

Certificate Signing Requests (CSR)
Certificate Signing Requests (CSR)

Step 3: Under generate a new certificate signing request (CSR) form  you need to populate data of these “domains, city, state, country, company, email and description”.  While entering domain name you need to mention it without www or HTTP as well as if you do not own a company, then put your domain name in the place company filed.

Mention domain name without www and HTTP
Mention domain name without www and HTTP

Step 4: After filling all the details as mentioned above, click on generate button.

Click on generate button after filling all details
Click on generate button after filling all details

You will receive a message like -“The certificate signing request for “hello-sunil.in’ has been generated and saved in your user directory. To purchase a trusted certificate, you must copy the encoded certificate signing request below and send it to the certificate authority. Follow the instructions provided by your certificate authority.” 

Encoded certificate signing request
Encoded certificate signing request

A new CSR with encrypting and decrypt key will be generated. Save all files in separate notepads on the computer.

Decoded Certificate Signing Request, Decoded Key, Encoded Certificate Signing Request and Encoded Key
Decoded Certificate Signing Request, Decoded Key, Encoded Certificate Signing Request and Encoded Key

Step 5: Now visit ZeroSSL website for creating the SSL certificate. Click on Online tools -> Start button to initiate the process.

Click on online tools then start button
Click on online tools then start button

Step 6: Now paste “Encoded Certificate Signing Request” which you had received in step 4 into right hand side of text box.

Paste your CSR which you had received from Godaddy
Paste your CSR which you had received from Godaddy

Then tick mark on both check boxes “Accept ZeroSSL TOS” and “Accept Let’s Encrypt SA (pdf)”.

Select both check boxes
Select both check boxes

On left hand side select HTTP verification. You can also do it via DNS verification but for this post I am selecting HTTP verification procedure due to less time consuming.

Click on HTTP verification radio button
Click on HTTP verification radio button

Then click on next button which will generate a private key.

Next button
Next button
Private Key has been generated
Private Key has been generated

It would take few seconds to generate your private key.  Once private key would generate save it in your computer for later use.

Step 7: Now we need to upload the generated private key into our Godaddy hosting account. So that, come back to Godaddy dashboard -> Security ->  SSL/TLS -> Private Keys (Key)

Click on private keys
Click on private keys

Then a form will appear where  you can upload private key which we had received in our previous step.  You need to copy private key into clipboard as shown below.

Copy private keys into clipboard
Copy private keys into clipboard

Now private key is into clipboard so that paste it into “upload a new private key” text box on Godaddy and hit save button.

Click on save button
Click on save button

Then you will see a success message that your private key has been uploaded.

Successfully private key has been uploaded
Successfully private key has been uploaded

Now click on next button on ZeroSSL interface.

Click on next button
Click on next button

Step 8: We have successfully completed first step of Wizard. The second step of wizard is “verification”. On this step we will create a file in our root folder and add a snippet of text to verify our domain ownership.

Verification wizard
Verification wizard

Come back to Godaddy interface and click on file manager which would redirect you to file structure of your site. Under public_html need to create a directory name called “.well-known” and under it one sub directory called “acme-challenge”. Your file hierarchy should look like below.

File hierarchy of your newly created directory and its sub directory
File hierarchy of your newly created directory and its sub directory

Step 9: Copy the file name from previous step as below illustration and go to “acme-challenge” directory and create a file and give the same name to your file which you have copied from ZeroSSL verification wizard.

New file name
New file name
File create under /public_html/.well-known/acme-challenge
File create under /public_html/.well-known/acme-challenge

We have created a file as asked by ZeroSSL now we need to put snippet of text to verify our domain ownership. For this copy text string from ZeroSSL as below illustration and paste it under the file which we had created previously and click on save button.

Copy the text string from ZeroSSL
Copy the text string from ZeroSSL
Click on code edit and paste the text string in it
Click on code edit and paste the text string in it

If you have done everything correct then come back to ZeroSSL interface and hit on next button.

Verification wizard next button
Verification wizard next button

Step 10: We are into final stage i.e certificate wizard as below illustrated image. Our certificate has been generated successfully so that it’s time to install it on Godaddy.

Certificate wizard of ZeroSSL
Certificate wizard of ZeroSSL

Copy certificate snippet code as below image

Copy the certificate snippet into your clipboard
Copy the certificate snippet into your clipboard

Now go to Godaddy dashboard -> Security ->  SSL/TLS -> Certificate (CRT).

Click on Certificates (CRT)
Click on Certificates (CRT)

Under upload a new certificate, paste your certificate and hit save certificate button.   

Upload a new certificate textbox
Upload a new certificate text box

Now you can see our certificates has been uploaded on sever as below illustrated image.

Successful upload of certificate
Successful upload of certificate

Step 11: After successful upload of certificate next step would be to install it. For this again come back to Godaddy dashboard -> Security ->  SSL/TLS -> Install and manage SSL for your site (HTTPS). 

Click on install and manage SSL for your site (HTTPS)
Click on install and manage SSL for your site (HTTPS)

A new window would come up where you need to click on browse certificates.

Click on browser certificate button
Click on browser certificate button

Select Let’s Encrypt certificate from the list and click on use certificate button.

Use certificate button
Use certificate button

Then data would auto populate in certificate (CRT), Private Key (KEY), Certificate Authority Bundle (CABUNDLE) text boxes. Click on Install certificate button.

Install certificate button
Install certificate button

You will see a message like “SSL Host Successfully Installed”. Click on Ok button.

SSL Host Successfully Installed
SSL Host Successfully Installed

Step 12: We  have successfully installed SSL certificate but our job is not yet finished. Our all URLs are with http://hello-sunil.in, so we need to change every URL to https version.

Updating the URLs to https

Change the URL of website: 

Jump to your WordPress general settings tab and change your WordPress Address (URL) to https://hello-sunil.in as shown below illustration  (you need to give  your website URL instead of mine) then save your changes.

Change your website URL from http to https
Change your website URL from http to https

Update .htaccess file:

After changing the site URL go to file manager, right click on .htaccess and select code edit.

htaccess under file manager
htaccess under file manager

A new windows would appear where we need to add following code in .htaccess file and then save the changes.

[cce_apache]
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://hello-sunil.in/$1 [R,L]
</IfModule>
[/cce_apache]

Now jump to your browser address bar and type your website address in my case https://hello-sunil.in/.

My web url in https
My web url in https

I am sure on your face a bright smile must be present now. If your face is down and not see the result as per your expectation then you need to review it where you have made mistake. You need to remember this certificate is valid only for 90 days and then again you need to renew it. I will write a post on the same how you can renew it very soon but if you are thinking why only 90 days then you should read this article. Sometime while generating certificate you can get an error “rate limit” and does not able to process for next step then you should read this article. If you are facing any issues then do not hesitate to ask me on comment section, I am always eager to help you.

Finally if you like this post then do not forget to drop a comment as well as you can follow me on twitter.

Similar articles you may like

Was this article helpful to you?
[Total: 0 Average: 0]

Sunil Pradhan

Sunil is a front-end developer, illustrator and an online entrepreneur. He is the founder of "Hello Sunil" where he shares his love of technology with the world. He loves to write technical how-tos and tutorials. He is open minded and willing to explore beyond his knowledge.

11 comments

  • Greetings! Very helpful advice in this particular post!
    It’s the little changes that produce the mlst important changes.
    Thanks for sharing!

  • Hi there would you mind letting me know which hosting company you’re utilizing?I’ve loaded your blog in 3 different internet browsers and I must say this blog loads a lot faster then most.Can you recommend a good hosting provider at a reasonable price?Many thanks, I appreciate it!

  • Thank you for any other magnificent post. The place else may anybody get that kind of info in such an ideal manner of writing? I have a presentation subsequent week, and I’m at the look for such info.

  • After looking into a handful of the articles on your website, I honestly like your way of blogging. I added it to my bookmark web page list and will be checking back in the near future.

  • Great submit, very informative. I’m wondering why the other specialists of this sector do not realize this. You should continue your writing. I’m confident,you have a huge readers’ base already!

  • Hello! I’m at work browsing your blog from my new apple iphone! Just wanted to say I love reading through your blog and look forward to all your posts! Keep up the great work!

  • Excellent items from you, man. I have be mindful your stuff prior to and you’re just extremely excellent. I actually like what you have obtained right here, certainly like what you’re stating and the best way through which you are saying it. You’re making it entertaining and you still care for to stay it sensible. I can not wait to read much more from you. That is really a wonderful site.

  • Hi! Would you mind if I share your blog with my Facebook group? There’s a lot of folks that I think would really enjoy your content.Please let me know. Cheers

  • I need to to thank you for this wonderful read!! I definitely enjoyed every little bit of it.I have you book marked to look at new stuff you post…