How To Install Let’s Encrypt Free SSL Certificate without SSH Access

Getting an SSL certificate for your website is absolutely essential for a variety of reasons. Encrypting your website’s traffic over HTTPs Protocol using an SSL certificate will not only improve the security of your website, but it also will enhance your SEO Rankings and magnifies your brand value. It boosts the visitors’ confidence in your website and enables them to browse through your site confidently.

A lot of internet hosting service providers offer an SSL certificate for your website free of cost but some of them do not. However, you can obtain an SSL certificate through “Let’s Encrypt” to secure your website. Let’s Encrypt is an Open Certificate Authority that is run by the Internet Security Research Group (ISRG) for public benefit backed by many tech giants including Facebook & Github.

The general modus operandi for installation of an SSL certificate requires you to have access to the hosted server through SSH. The option to access the server through SSH is not normally available to the user especially on shared hosting solutions. In this article I shall walk you through the steps to install an SSL certificate on your website without SSH access to your server using the HTTP acme-challenge.


In order to execute the following steps, you will require a local machine running Linux (preferably Debian or Ubuntu) with Git VCS installed.

1. Clone the certbot application to your /opt directory

sudo git clone https://github.com/certbot/certbot /opt/certbot

2. Change to the /opt directory

cd /opt/certbot

3. Generate a certificate using the HTTP challenge

sudo -H ./letsencrypt-auto certonly --manual --preferred-challenges http -d yourwebsite.com 

4. Follow the on-screen instructions

On running the command in the previous step, you will be asked to enter your email address for retrieval of certificate in future. You will also be asked for accept their ToS to which you are expected to answer ‘Yes’.

5. Complete the HTTP challenge

In order to verify the ownership of the domain and to generate certificates, you will be asked to make a file containing a specific key to be made available at a particular url of your domain. Using the FTP Service, you may create and upload the file containing the prescribed text to your server. On completion of this challenge, you may press the [Enter] key to complete the SSL Certificate generation process. The certificates will be available at /etc/letsencrypt directory on your system.

6. Copying the certificates to your CPanel

To install the certificate on your website change to the /etc/letsencrypt directory of your local machine using:

cd /etc/letsencrypt

You need to be logged in as the root user to view the certificates. To login as root, run:

sudo su -

Once you’re logged in as root, you need to copy the CRT (Certificate) and the Private Key to your web host’s CPanel under the SSL menu.

You can print the CRT (Certificate) file using the following command and copy it

cat live/yourwebsite.com/fullchain.pem

Similarly, you may print and copy the private key using:

cat live/yourwebsite.com/privkey.pem

Once the CRT and the Private Key are copied to the respective fields in the SSL menu of your CPanel, You can click on “Install” to install the SSL Certificate.

That’s all, you’re done installing a free SSL certificate from Let’s Encrypt Certificate Authority. You may now try accessing your website through the HTTPs protocol to verify the installation.

Sreedev Kodichath

Sreedev Kodichath, a passionate software engineer, an avid blogger & an eloquent orator is the author of DevTechnica.

Leave a Reply

Your email address will not be published. Required fields are marked *