How to Do Let’s Encrypt in Cpanel with Shared Hosting

Did Green Geeks (www.greengeeks.com) not want to help you get Let’s Encrypt working in your Cpanel even though it works in cpanel?  You aren’t alone.  But we can take matter into our own hands, you know.

The tutorial I’m going to share is awesome. It’s pretty much what I based everything on and of course my experience of just making my own self signed SSL to do the same thing but more home-brew.

TUTORIAL/HOW-TO TO MAKE LET’S ENCRYPT WORK IN CPANEL

His tutorial is great if you’ve worked on servers or command lines for a while, but I wasn’t so smart.  Hopefully my notes will help the less fluent folk accomplish freedom too.

Let me just give a few side notes to help someone as they do this:

Before beginning, in your terminal, you will need to:

sudo apt-get install git

• steps 6 and 7 – Cpanel help –  Note before beginning! At no point should you ever, ever, press enter on your keyboard while in the terminal because it will force you right back to square one and you’ll have to delete all this great work you are about to do:
  • go to file manager
  • go to public_html directory and click it
  • click ‘create folder‘ with the + icon
  • type ‘.well-known’ (no apostrophes) into the field that says ‘new folder name’
  • in top right settings of your control panel hit the cogwheel and click ‘show hidden files’ or you will not see the .well-known folder you just made
  • go into the .well-known directory and create another directory called ‘acme-challenge‘ and click ‘create new folder’
  • now go inside the ‘acme-challenge’ folder and click the +file button. you will get the file name from your terminal by selecting everything after ‘acme-challenge’ and then using control+shift+C to grab it to clipboard as per this screenshot
  • 
  •  paste it into the file name with control V and ‘create new file’
  • now go back to terminal and grab the next bunch of random strings and copy it to clipboard as you are learning so well to do, young champion as per this screenshot:
  • 
  • highlight your newly created pile of randomness in cpanel
  • click the ‘edit’ button top right ish area of the screen and it will give you some warning and you will say ‘uh huh yep’ and click ‘edit’
  • you will now control V paste that bad boy into your file (just into the big white space) and click ‘save changes’ and should see ‘success!” because you deserve success by now, my little cherry cake.
  • click ‘close’.
  • Now you will have to do it again. The tutorial doesn’t say why but I figured it out, by golly.  It’s because you had domain.com and www.domain.com so you have to do two verifications.  If you had a bunch of subdomains, you’d have to do these steps for all of them as well, FYI.  Also, there is no mention about what to do with these random files sitting in these directories in cpanel.  You can delete them after the verification is done.
  • now go back to his original tutorial and start at step 8
  • Note!  The coolest part about this experience is when you get this message at the end: ‘Self-Verify of Challenge Failed”  – so you are like ‘NOOO!” and then what comes a few seconds later in the terminal?  This message:  “Congratulations! Your certificate and chain have been saved at…” which is actually the truth.  And then you are like ‘YAAAAH!!’ So much drama!  So many victory cries!
• step 9 isn’t as easy as the author lets on.  It’s also a mystery to my why I cannot have permissions with sudo to do this in the command line but it gives permission denied.  I didn’t know there was a permission higher than sudo but….

sudo nautilus yes, but then where?  this screenshot should help

Note also typing the first letter of the folder you are searching for will speed things up, like in ‘L’ for ‘letsencrypt’ in the next level 😉

• Step 11 isn’t easy either as he doesn’t explain how to open with ‘gedit’.  Just right click on the .pem files, then go to ‘open with other applications’ and then ‘show other applications’ and then start typing ‘gedit’ and it should show right up

Now here is the *critical awesomeness* that took 7 hours of my life to learn.  I will never get these hours back so I hope that you will take all the money I didn’t save by spending all the time and get it back out of GreenGeeks who refused to support Let’s Encrypt when at least myself and a few people I referred to Green Geeks asked them if they would help.  This, by the way, was the response we got:

No, you don’t support them.  But because you didn’t support me, I now support them with this blog post.  And for just 5 years of free hosting with the best plan they have, I might be convinced to remove this truth so fewer of your customers find out that they can work around your antics….

Let’s get started taking away those $20 purchases from the Geeks which are Green, shall we, or any of your hosting companies who don’t want to move into the future shall we?

How to Get a Free SSL Cert Working on your Green Geeks Hosting Plan on all your domains with Cpanel

You can create a let’s encrypt certificate for *all* of your shared domains.

Where I lost all my time was where to put the .well-known/acme-challenge in the subdomains and the whole time it was super easy.  You just click in, open the main directory under file manager and create the directories right there at the top level.  That’s it.

Then you go back and create certs for each domain and pop them in by repeating this tutorial.  One for the www and one without.

Done! Now let’s encrypt.