How to setup free SSL on your website using zerossl and cPanel

March 30, 2019

With the slight improvement one can get in Google rankings from using SSL it is definitely worth spending some time setting up, and if you don't fancy paying for an SSL certificate there are free options online, in this tutorial I am going to be showing you how I set up my SSL certificate using zerossl in cPanel. Certificates are valid for 90 days, but it is not a long process to setup and should only take 2-5 minutes of your time (every 90 days), not bad for free right?

Step 1. Log into your cPanel and under the security section look for SSL/TLS.

Step 2. Generate a new private key and generate a new CSR, copy both of these somewhere as you will be needing these shortly.

Step 3. Navigate in your browser to https://zerossl.com/ and start the FREE SSL Certificate Wizard.

Step 4. Enter your email, private key and CSR codes. Click next.

Step 5. You will now need to verify your domain, follow the instructions to add the file with the specified filename and the specified text. Save as a txt file, the easiest way to do this is in notepad. Then upload this file the directory specified, usually this is "webroot/.well-known/acme-challenge/".

Step 6. We now need to route to a file without an extension, assuming you are using apache server, create a .htaccess file in the "acme-challenge" directory and put into it the following code. 

RewriteEngine on 
RewriteCond %{REQUEST_FILENAME} !-d 
RewriteCond %{REQUEST_FILENAME}\.txt -f 
RewriteRule ^(.*)$ $1.txt

Step 7. You can check to see if this has worked correctly by going back to the zerossl website and clicking the filename which you have just created, if this works you should see the contents on the file in your browser. 

Step 8. Click next and you will be shown a screen which hopefully says success you have setup your SSL certificate, download the certificate file "domain-crt", there should be 2 keys in this file, and you should only need the top one, copy to your clipboard.

Step 9. Go back to cPanel to the SSL/TLS section, this time click into the CRT section, paste your key into the textbox, then click save certificate.

Step 10. Finally, you will need to force https on your website, typically this is done in the .htaccess file in your root folder of your website, the code which I used for this was -

RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

This should be placed right after the line (if it exists already)

RewriteEngine on

If it doesn't exist already, then obviously add it above the 2 lines.

Congrats, you now have free SSL on your website, just remember these certificates last 90 days, after the 90 days is up, simply follow the same procedure again.