Install Fast and Free SSL and HTTPS in cPanel with Let’s Encrypt

Share this post with friends!

Let’s Encrypt is a trusted, open source certificate authority that offers free SSL certificates for as many domains as you want – and now there are easy ways to integrate it with cPanel for one-click, automated certificate installation that takes mere seconds to complete.

Installing an SSL certificate with Let’s Encrypt is already fast, but if you own a hosting business, you’re a developer who manages clients’ sites, or you want an even faster solution, then there are three Let’s Encrypt plugins you can integrate into cPanel, including an official plugin by cPanel.

In this post, I’ll cover how to install each of the three Let’s Encrypt plugins for cPanel and how you can use them to install and renew free certificates in a few seconds.

Server Requirements

To run any of the three plugins for cPanel there are a few prerequisites:

  • You need cPanel installed with a valid license
  • Root and SSH access to your server
  • The basic requirements for using Let’s Encrypt:
    • Unix-type OSes that include Python 2.6 or 2.7
  • For the official cPanel plugin:
    • cPanel and WHM versions 58.0.17 or above
  • For the plugin found on GitHub, you need:
    • A Centos five, six or seven server
    • A static IP address if you have Centos five
  • For the Let’s Encrypt for cPanel plugin, you need
    • i386 or x86_64 CentOS 6 or 7 (5 is not supported)
    • WHM 11.52 or higher (CloudLinux and LSWS compatible)
    • Remote access key has been generated (/root/.accesshash)

If you don’t have a remote access key generated but want to use the Let’s Encrypt for cPanel plugin, log into WHM and go to Clusters > Remote Access Key and click the Generate New Key button.

It may be important to note that the Let’s Encrypt for cPanel plugin is the only premium option on the list. It’s $30 and there’s a free trial available. If you would like to try it out before purchasing a license, you can install it with a trial license automatically.

If you decide to purchase a premium license after all, you can replace the trial licensee on your server with the premium license file. The details on this can be found on the Let’s Encrypt for cPanel Installation page.

Once you have all the server requirements for the plugin you want to use, you can go ahead and install it. Feel free to skip ahead to the one you want to install:

  1. Let’s Encrypt for cPanel Installation
  2. Free Let’s Encrypt cPanel GitHub Plugin
  3. Free Official cPanel Plugin

1. Let’s Encrypt for cPanel Installation

Installing the cPanel Plugin

Log into your SSH client at root level, then add the Let’s Encrypt repository with the following command:

cd /etc/yum.repos.d/ && wget https://letsencrypt-for-cpanel.com/static/letsencrypt.repo

Next, install the plugin for cPanel with line below and yum:

yum -y install letsencrypt-cpanel
view rawinstall-le-cpanel hosted with ❤ by GitHub

The installation process usually takes about a minute. If all goes well and the installation was successful, a test should run automatically.

If it renders similar messages as the example below, you’re good to go:

le-cp self-test
[SELF-TEST] Can read config ………… SUCCESS.
[SELF-TEST] Can connect to daemon and check licence ………… SUCCESS.
[SELF-TEST] Can connect to Lets Encrypt ………… SUCCESS.
[SELF-TEST] Can talk to WHM API ………… SUCCESS.
[SELF-TEST] Can talk to plugin RPC ………… SUCCESS.
view rawsuccess-le-cpanel hosted with ❤ by GitHub

You can log in to your cPanel account and install your first SSL certificate.

Installing a Certificate

Once you’re logged into cPanel, you should see a Let’s Encrypt for cPanel button under Security. Click on it to access your active domains list to install a certificate.

The Let's Encrypt for cPanel button in cPanel.
Click the Let’s Encrypt for cPanel button to get started installing some SSL certificates.

Toward the bottom of the page, you should see the Issue a new certificate section. You should see a list of all your active domains including variations of them with and without a www. prefix.

You can check multiple boxes to install more than one certificate at a time or click the Issue Single link beside the domain where you want your certificate installed.

If you check multiple boxes, click one of the Issue Multiple links at the top or bottom of the list.

The Issue a new certificate section.
You can install multiple certificates at a time or just one.

Next, click the checkboxes next to the domains you don’t want to include if you selected multiple ones on the list on the previous page. Also select which domain you wish to be the primary one users are going to visit.

If you use one of the domains to access your email, also check the box labeled Install mail SMTPS/POP3S/IMAPS SSL certificate. Finally, click Issue to install your certificates.

Let's Encrypt for cPanel options.
Select which domains to include and install by clicking the Issue button.

The installation process takes about 10 seconds, but can take up to 45 seconds depending on how many certificates you have selected to issue. When the process has completed, you should see a message letting you know the installation was a success.

If something went wrong, try again. It usually works the second time around.

When you return to the main page, you should see your domains with certificates installed listed at the top of the page. You can click the Remove links to delete certificates one-by-one, or the Reinstall link to renew the certificates before the expiry date.

2. Free Let’s Encrypt cPanel GitHub Plugin

As with any plugin installed from GitHub, it’s important that you’re aware of the inherent risks. Since regular maintenance and security isn’t guaranteed across all plugins found on GitHub, you need to be sure you trust the developer.

It’s a good practice to check out the developer of even recommended plugins from GitHub no matter who recommends them. For details about the developer of this plugin, check out the Let’s Encrypt cPanel plugin repository on GitHub.

For more details on the precautions you should consider before installing plugins from GitHub, check out one of our other posts How to Find and Install Hundreds of Free WordPress Plugins from GitHub.

Installing the cPanel Plugin

Log into the root of your server with SSH and run this command to download the plugin package to your server:

/usr/local/cpanel/3rdparty/bin/git clone https://github.com/Prajithp/letsencrypt-cpanel.git

Next, go to the directory that was created for the plugin with the following line:

cd letsencrypt-cpanel

Finally, install the plugin by entering the command below:

./install.sh

Once you receive a message that says Successfully installed letsencrypt manager you’re all set to install your first SSL certificate.

Installing a Certificate

Once you’re logged into cPanel go to Security and click the Let’s Encrypt link. You’re not going to see an icon accompanied with the link. We’re not being fancy here.

On the management page, click the New SSL Certificate button.

The Let's Encrypt Manager cPanel plugin page.
Manage and install a new SSL certificate in one click.

Next, select one of your domains that you have registered to your cPanel account. Once you have made your choice, click the Submit button to start installing your certificate.

The inline pop-up to choose and install a certificate.
Choose your domain name and click the Submit button to install your certificate.

After about 10 seconds, you should be re-directed to the main page with a message letting you know the installation was a success. You should also see your domain listed on the page as well.

The success message.
Once your certificate is installed you should see a few details listed on the page for it.

Next to your domain on the list, you should see that a certificate for your domain was installed automatically for both your main domain and with a www. prefix. You should also see the date your certificate expires as well as the number of days you have left until the certificate expires.

3. Free Official cPanel Plugin

While this plugin needs to be installed to see it when you log into cPanel, there’s a chance it could come pre-installed in cPanel and WHM version 60. It’s not for certain yet only because extra testing needs to be completed by the folks behind cPanel before they can push out the change for everyone.

Installing the cPanel Plugin

For now, you can install the official Let’s Encrypt plugin for cPanel with one command:

/scripts/install_lets_encrypt_autossl_provider

The final installation steps need to be completed in WHM so go ahead and log in as the root user. Go to SSL/TLS > Manage AutoSSL and choose the Let’s Encrypt option under Choose an AutoSSL provider.

Next, check the boxes for I agree to these terms of service and Create a new registration with the provider. You can also click the link to review the terms of service.

The Manage AutoSSL page.
Fill out the form to finish installing the plugin.

When you have made your selections, click Save. You should see a small pop-over appear in a few seconds that lets you know the installation has completed successfully.

Installing a Certificate

It’s important to note that this feature only works if AutoSSL is enabled for the users where you want the SSL certificates installed. To enable this option for users, click the Manage Users tab, then select the Enable radio button next to the user account names where you want to install certificates.

Click the Check button to enable AutoSSL. When the process has completed, you can go back to the main Providers tab and click the Run AutoSSL For All Users button.

The Manage AutoSSL page.
Click the button to install certificates for all cPanel user accounts.

The process should only take a few seconds, but can take longer if you have many cPanel accounts and domains. Once the process is complete, all domains registed to all the cPanel accounts should have an SSL certificate installed.

Also, you won’t have to worry about renewing the certificates since that’s all setup for you automatically.

0 thoughts

Leave a Reply