Let’s Encrypt SSL certificate and installation under cPanel

In this article I will show you how to install Let’s Encrypt SSL sertificate by yourself, without any help from anyone else on simpliest possible way in shared hosting using cPanel and VirtualBox to WordPress site, in this case, my personal website darkodrazovic.in.rs (certificate will be uninstalled at 01/03/2016).

Of course, if you do not want to fuck with new installations, commands, and other shit and you are not in break-bit to make renewal every three months, you can buy a certificate with a good seller, like Ninet Hosting Company, and the people from their technical support will install sertificate for your domain without any problem.
Good sides of using Let’s Encrypt SSL certificate, now: Free for any use
Disadvantages Let’s use Encrypt SSL certificates, now: Still in beta phase which means that they can (not necessarily mean that they will) expect some crashes and a certificate must be renewed every 3 months.

Step 0: Go to https://gethttpsforfree.com/

With this site, you do not have to install the client on your computer….everything is half-automated

Step 1 – Account Info

  1. Enter your email address
  2. Click on the link (how do I generate this?)
  3. Commands that you write down – run on your virtual machine via PuTTy…copy output from PuTTy (just select, PuTTy will copy selection to clipboard automaticaly)
  4. …and paste in the “Account Public Key”
  5. Click on the Validate Account Info … if everything is ok you will get the message “Looks good!” and you can “Proceed to Step 2”

Korak 1

Step 2 – CSR from your cPanel

Now you need to go to your cPanel and to generate a CSR that you just copying the field from step 2 with gethttpsforfree.com … so …. I’m going to darkodrazovic.in.rs/cpanel, LOGIN, and the SSL / TLS Manager on certificate Signing Requests (CSR) and click on the “Generate, view, or delete SSL certificate” , fill all fields and click on “Generate”


…and the value you get under “Encoded Certificate” copy…

CSR prekopirati

… and paste it in step two on https://gethttpsforfree.com/ and click on VALIDATE CSR. If you did it right, you will write “Found Domains …..”

CSR Validiran

Step 3 – API Request

Copy everything under “PRIV_KEY….”, run in your PuTTy and paste in field bellow. When you fill all of 3 field – click on “Validate Signatures”


Ovako to treba da izgleda

Ovako to treba da izgleda

Step 4 – Verify Ownership

Now you come to the part where you need to prove that you are the owner of the site ….

  1. As in the previous steps – in PuTTy run command under the “Run this signature ….” paste it under field bellow
  2. Click on “Option 2 – file-based” and…
  3. Through cPanel (or an FTP client) to the location that you specified in the “Under this url” (you’ll need to create some additional folders) create a file named as the end of link, edit it, type what you see under “Serve this content” and save… and when save…
  4. Click “I’m now serving this file ….”

Verify Ownership

If you did it correctly you will see “Domain verified” info…

Domain verified

Step 5 – Install SSL certificate on a cPanel

Copy what you see in the “Signed Certificate” field……

Install Serticifate

…. and go to your cPanel, click on “Generate, view, upload, or delete SSL certificate”

Install Sertificate - CPanel

…in the ‘Paste your certificate below” paste what you did copy on previous step… and click Save Certificate.

Upload New Sertificate

If everything is OK – you’ll get a message on cPanel that the certificate is saved

Sertifikat uspesno uploadovan

Now save the certificate should be installed. Go to your cPanel “Install and Manage SSL for your site” and click on “Manage SSL sites”

Sertificate install

… from the drop-down menu select the domain you are installing HTTPS, then click on “Browse Certificates”…

Install SSL sertificate

… and choose the certificate that you have saved (in this case the domain darkodrazovic.in.rs), then click on “Use sertificate”

SSL sertificate list

… and then come back to gethttpsforfree.com and copy content under “Intermediate Certificate” field….

Install intermediate sertificate

…. and paste that content on your panel in the “Certificate Authority Bundle (CABUNDLE)” and click on Install Certificate

Install Sertificate

You will get a message that the certificate is successfully installed – which mean that your job about sertificate install is done.

Uspesno instaliran sertifikat

Now go to the site for which you want to set https and test whether it works …. you will see a sign exclamation mark if the page has photos that are pulled from the HTTP instead of HTTPS … but we’ll handle it in the next step…

Izgled sajta pod HTTPS-om

WordPress – link changing

Now you need to set all internal links are behind HTTPS as well as all previous characters that you shared by social networks to be “redirected” to HTTPS. The first thing to do is to edit the .htaccess file located in the root of your site and by adding the following lines

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://vassajt.com/$1 [R,L]

So looks like the .htaccess file the amendment, related to darkodrazovic.in.rs after a save file …. all the links that are going to http: //darko……in.rs/some_link now goes at https: //darko…..in.rs/some_link and whatever internal link to click on the site – will lead you to the https


Now remains part of replacing all http://darkodrazovic links in the database. Before anything – make a backup of MySQL (also via CPAN).Perhaps it is not by the book, but I rename the links work through skripe removed from https://interconnectit.com called Search and Replace DB. So, download the latest version of the program, upload the zip to the root site, unpack (cPanel, right click and Extract) and rename the folder to something less recognizable (I have renamed it in AAADDD) … then in your browser punching: https://darkodrazovic.in.rs/aaaddd

  1. REPLACE WITH new old url url
  2. Dry Run – in order to see where all changes will be applied
  3. Live Run – to name all the links from the old to the new url

Zamena Linkova

Once this work is complete, delete the folder (in this case AAADDD folder), you may have to delete the cache (if you use a WordPress plugin for caching) and go to the site to see if there is still a sign exclamation mark on the URL. In our case, no.

Ispravan URL sajta

And if you click on the padlock, you will have brief info that your connection to the site is secure

Sertifikat ispravn

The job is completed setting up SSL certificates for your blog or site. Do not forget that Let’s Encypt certificate is under Public Beta phase, you have to renew sertificate every 3 months, so set yourself a reminder in Google Calendar, or whatever you use as a reminder.