Install Let’s Encrypt in GoDaddy – SSL Certificate for free in 10mins

Install let's encrypt on godaddy

Sharing is caring!

Hello Internet People!

In this article, you will learn how to install Let’s Encrypt in GoDaddy with an online tool called Zerossl. I’m using Godaddy, but this should work on HostGator or any other hosting provider that has cPanel.

In addition, I will show you how to always redirect users from HTTP to HTTPS using just a few lines of code.

No coding skills required!

 

CONTENTS

What is Let’s Encrypt

Let’s Encrypt is free SSL certificate provider and verifier. It is becoming popular among small website owners, and even NASA is using it for some of it’s smaller sites (3000 different sites). So you are in safe hands using them.

Now the only con of let Let’s Encrypt is that you need to renew it every 90 days.

There is a way to setup Certbot to renew the SSL certificate automatically, but this requires knowledge of shell/terminal and might be too hard for beginners to grasp. So I want to cover it in this article.

How to install Let’s Encrypt in Godaddy or Cpanel

This tutorial is for people who want to get free SSL certificate using shared web hosting using zerossl.com installation tool. My examples will be using letsencrypt on GoDaddy shared hosting, but it will work on most other hosting providers.

  1. Go to https://zerossl.com/
  2. Click on online tools.
  3. Click on start, under “FREE SSL Certificate Wizard”.
    zerossl free ssl certificate wizard
  4. On the right-hand side, you have a field called “Domains”, add your domains to this. Include mydomain.com and www.mydomain.com. (Don’t include HTTP:// or https://).
    zero ssl enter domains

    Hot Tip! If it is a sub-domain such as blog.mydomain.com then you have to do it separately. So do all the steps just for a subdomain. Just include blog.mydomain.com in “domains field”. You don’t need to including www.blog.mydomain.com.

  5. Accept the zerossl TOS & let’s encrypt SA by adding check marks.
    accept zerossl tos
  6. Hit the next button in the top right corner.
  7. Zerossl will generate the CSR (Certificate Signing Request). Loading might take some time.
    zerossl download csr
  8. Once it’s done, click on the download button, to have a backup and click “Next” again.
  9. It’s going to start generating Account Key (Again might take a few minutes).
  10. Once done, download the Account Key and click on “Next” button.
    download letsencrypt account key
  11. The new page will appear. This is how Letsencrypt will know that you own the domain.
  12. Download the two txt files.
    download letsencrypt verification file
  13. Head to your cPanel and click on “File manager” and go to your root folder.


    Hot Tip!
     If you are doing this for an addon domain, then just go to the root of that domain. So where ever your index.html or index.php for that domain is.

  14. On root, create new folder .well-known and inside it create an acme-challenge folder. So your path should look like:
    mydomain.com/.well-known/acme-challenge

    Please note: You can just delete the .txt files you put in the /.well-known/acme-challenge once you are done, but keep the folders. You will need them in 90 days again.

    If the file .well-known does not show after making it.  Just do the following, when opening the File Manager select to show all hidden files & folders that start with “.” (dot) as well! Or just type “public_html/.well-known/acme-challenge” into the left menu and click “Go”.

    create acme challenge folder

    If you are having issues with finding root directory.
    Jobb added a comment with a better explanation:

    The first time you use File Manager in GoDaddy, it defaults to the “home” directory, which I found out is NOT the same as the “root” directory. Installing .well-known/acme-challenge in the home directory does not work.

    In the screenshot above, it shows domainname.com/.well-known/acme-challenge as the path, but again that’s misleading for shared domains. There is an /etc/domainname.com folder, but if you put .well-known/acme-challenge underneath that folder, it also does not work.

    With a little digging, I discovered that GoDaddy considers the /public_html folder the “root” folder, so you want to create the subfolders in there so it looks like /public_html/.well-known/acme-challenge. THAT path finally worked.

  15. Upload the two .txt files (from point 12) inside the acme-challenge folder.Great tip from Rubab in the comments:

    As we downloaded two text files in step 7 & 8 , and the files that I downloaded on Step 12 weren’t really ‘text’ files but were simple files with no extension. So, when Step 15 asked to put 2 text files into .well-known/acme-challenge, I put the previous files there; that is why it was not validating the keys.

    upload vertification text files

  16. Go back to zerossl, and click on the link indicated in the screenshot.
    test zerossl verification worked
  17. If it returns you a page with numbers & characters, you are good to go. If not then check that the URL path contains mydomain.com/.well-known/acme-challenge and that the sting of numbers & words are the same as on zerossl.
    test successful
  18. Click on “next”.
  19. Voila! Your Certificate is ready now, scroll down and download the CRT & Private key.
    dowload CRT
  20. Go to Cpanel and find SSL or TLS and click on it.
    cpanel ssl tls
  21. Click on Manage SSL on your site and you should see three fields.
    cpanel manage ssl sites
  22. Select the domain you want to install the SSL certificate on.
    select domain in cpanel
  23. For other fields, go back to zerossl and copy the CRT and paste it into CRT field in Cpanel.
    Please note that CRT includes both CRT & Certificate Authority Bundle.
    copy crt from zerossl
  24. Cut out the Certificate Authority Bundle from CRT and paste it in the 3rd field.
    remove bundle
  25. Go to zerossl and copy private key.
    copy private key
  26. In Cpanel paste the private key in the 2nd field (Private Key)
    paste private key cpanel
  27. You should have three green check marks next to fields; this means everything matches.
  28. At the bottom of the page click on “install certificate”.
    install certificate cpanel
  29. Your SSL Certificate is now installed, and you should have https. Test that it works by adding https:// to in front of your domain for example https://www.mydomain.com.
    test ssl certificate works
  30. You should see the green padlock in front of your URL. If you get padlock with yellow batch, then you probably have mixed content issue. To fix it check out below video, which describes how to fix the mixed content warning or no green padlock.

Redirect always from HTTP to HTTPS

The redirection to HTTPS is easily achieved by adding a bit of code into .htaccess (Hypertext Access) file.

We will tell our Apache-based web server change all URLs with http:// to https://.

This happens before any code of your site is run.

Always redirect from HTTP to https:

  1. Go to Cpanel and click on the file manager.how to find htaccess file godaddy
  2. On the root folder, create a new file called “.htaccess”. You might have this file already, in that case, edit that file.
    add htaccess

    Hot Tip! If you can’t see .htaccess file it might be hidden. Here is how to unhide .htacess file.

  3. In .htaccess file, add below code and hit save

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

code to redirect http to https

4. Test that this worked by typing http://mydomain.com it should change to https://mydomain.com
You are done!

Remember to update the SSL certificate every 90 days, I just sent a reminder in my google calendar and it takes me about 5 minutes to renew the SSL certificate.

Since your site is secure now, why not speed it up, so it’s lightining fast…

How to renew Let’s Encrypt with ZeroSSL

Here is a video of the renewal steps:

Unfortunately, there is no way to renew letsencrypt automatically unless you know how to use the terminal/shell and you have full access to your server. In that case, you can use CertBot and cron job to update automatically your SSL certificate.

If you are on shared hosting, using cPanel, Plesk or WordPress, CertBot is not an option.

Let’s encrypt renewal is easy, and you will need CSR, domain Key & account key. If you don’t have these, you have to request a new certificate from scratch, so scroll up to the beginning of this tutorial or for you lazy peeps click here to go up.

That said, it’s easy to renew Let’s Encrypt, and you can do it in 2-3 minutes using zerossl. I just have a calendar reminder every 90 days.

Common issues with Installation

Now I get it, it doesn’t always work out, and sometimes you might have some issues with the installation. Below is a collection of most common problems.

Installing the Let’s Encrypt SSL Certificate on Sub-domain

For anyone who is trying to set up with a subdomain ( ex blog.mysite.com, shop.mysite.com). You have to do it separately from the main website ( ex www.mysite.com, mysite.com).

You also have to upload the .well-known/acme-challenge files in the root of wherever your subfolder files are. So if they are in the web root (public_html/www) then one folder after that, say, blog, it would go in public_html/blog/.well-known/acme-challenge.

I only did this for blog.mysite.com and not including www.blog.mysite.com, and it worked for me. When i tried the www.blog.mysite.com, it didn’t work for me. Installing the Let’s Encrypt SSL Certificate on Sub-domain

Credit to Joel Buzzanco who left a comment on my YouTube video.

 

HTTPS Mixed Content Warning (website not fully secure)

Are you getting “mixed content on https” warning after installing SSL certificate? Does the browser tell you that SSL is not secure?

In most cases, the mixed content error is easy to fix. The most important step is to identify where the issues are with Chrome’s inspector and then it’s easy to update. This tutorial will show you a quick way to make sure you don’t get https not secure warnings

Summary of steps:
1. Inspect your website (right-click anywhere on the site, select “Inspect Element” and find “Console” tab).
2. Determine why do you have mixed content warnings.
3. Update the images, URLs, etc.

 

Mixed Content Warning on WordPress

Blocked by mixed content on WordPress after installing SSL certificate? You must be asking why is there no padlock?

In most cases, the mixed content error is easy to fix. The most important step is to identify where the issues are with Chrome’s inspector and then it’s easy to update. The video tutorial is captured in Chrome. However, you can use Firefox, Safari or Edge as well.

Summary of steps:
1. Update WordPress settings with https.
2. Check images & videos URLs.
3. Add http to https redirections.
4. Updated plugin code.

Let’s Encrypt on GoDaddy Plesk (Windows Shared Hosting)

The trick to getting this to work with Plesk is to fill out the online Form on GoDaddy under “Secure Your Site” and let GoDaddy create the Certificate Request (CSR). In this article, for cPanel you are having Zero SSL create that.

That won’t work for the Plesk Shared Hosting on Windows with GoDaddy because GoDaddy didn’t recognize the certificate. So, have GoDaddy create that request, copy it and PASTE that into the right panel of ZeroSSL. Then ZeroSSL will generate a certificate in the left panel that Plesk recognizes. It took two days to figure that out, but once I did, the site was secure within five minutes.

Thanks for the tip Damon Gray

404 error in the verification

I’ve hard that if you choose “DNS verification”, follow the instructions exactly and input it on you GoDaddy cPanel. (Note! I haven’t tried this, so I’m not sure this works. However some users have recommended this.)

In case you want to give it a try in ZeroSSL then follow the below instructions.

Anyone with 404 in the verification, insert the expression “text/plain .” in the MIME of the server (inside the MIME text box), to open files without extension.

You can configure MIME in “Internet Server Settings”, and remember to put the “.” at the end of the expression.

I was getting a 404 error when checking to make sure the 2 files are correctly connected.
My server is from GoDaddy, and I was not configured in MIME for my server to read files without extension.

This MIME configuration causes your server to read files without extension as if it were a .txt file.

I was getting a 404 error when checking to make sure the two files are correctly connected. My server is from GoDaddy, and I was not configured in MIME for my server to read files without extension. This MIME configuration causes your server to read files without extension as if it were a .txt file.

Credit to Carlos Fonsec who provided the answer.

Unexpected error[ Code: 400 ]

If you are getting “Unexpected error[ Code: 400 ] [ Status: Unable to update challenge :: The challenge is not pending. ]” in zerossl.com when you click the NEXT button, then try the following:

Try using the DNS options. I added a CNAME for “www”. You should see both text values returned when clicking the link. “Your certificate is ready!”

Credits to Matthew Upp for the solution.

Let’s Encrypt and WP Managed WordPress with GoDaddy

Unfortunately, GoDaddy doesn’t support 3rd party SSL with managed WordPress.

What you can do is install CloudFlare which comes with HTTPS. Here is my tutorial about how to install CloudFlare SSL in WordPress.

Otherwise, you can do what Colby did. You need to move from managed WordPress to Economy Linux Hosting with cPanel then transfer your website over (I used the plugin Duplicator basic) and then you can follow this tutorial it worked great for me!

Thanks to Colby Hearn for the answer.

 

How to fix “you must use an IP address that is on the server. “xxx.xxx.x.xxx” is not bound”.

So you might get this message: “You must use an IP address that is on the server. “xxx.xxx.xxx.xxx” is not bound”, while installing SSL certificate on GoDaddy with Zerossl.

I haven’t encountered this issue myself but here is how Roberto Villegas resolved it.

“I waited two days, and when i tried again. The SSL get installed with no issues, it appears godaddy have an problem with cpanel, at least it’s what they told me that when i called the first time.”

Another reader called Danny resolved it like this and left a comment in the comments below:

“I got the same error when I tried to add an SSL certificate to a domain that had no published content yet (i.e. no index.html or index.php, just an empty folder, except for a few hidden files & empty cgi_bin folder). Guess you need to have some actual content to secure, before you can secure it. Hope that helps somebody.”

Steve left his solution in comments below:

“I had a problem during installation that others might encounter as well. After I got all of my SSL keys and pasted them into the text boxes under the SSL manager in cPanel, it told me that my IP address was “not bound”.

After a bit of searching I found that you sometimes have to make a very minor change to your DNS settings in order to install your certificate.

If you’re having this problem, log in to GoDaddy, and click on your name up top, and go to “My Products”. Under “Domains”, click on the “DNS” button to the right of the domain name you want to install the SSL certificate for.

In the list of DNS items, one should say “A @ [Your IP Address] 10800 seconds”. Mine was set at 10800, anyway. Click the little pencil icon to the right and edit your settings. Change the time to 600 seconds instead.

This fixed mine right away! I was able to install my SSL certificate and my site automatically redirects to HTTPS.”

Also, Juan had a similar issue, he solved it with:

“Today I had a problem after full filling the SSL Certificate renewal: “IP is not bound”.

Problem is caused by old installed certificates, don´t know why… Just uninstall the SSL Website under SSL/TLS. This action will not delete files in /.well-kown/acme-challenge/ obtained and uploaded from http://www.zerossl.com.

Then repeat steps 26 to 28 herein at the tutorial and there you go! If it is a renewal use the green “autofill by certificate” button to fill the private key and then “install Certificate” at the bottom.

This worked for me, hopefully to everyone else.”

Missing SSL/TLS in GoDaddy menu

What to do if you don’t have the “SSL/TLS” in your GoDaddy menu. And you only see “SSL Certificates” which means it’s a paid SSL Certificate.

This limitation seems to be on different types of web hosting Economy & Deluxe Web Hosting Linux. It seems to appear for users in different countries (US & UK) too.

The only explanation for this I found was this Godaddy Forum post. Which tells that if you have Classic or web hosting that was bought some years ago, they might not have a way to install an external SSL certificate.

A workaround would be to use a CDN like Cloudflare which comes with it. It’s free until a certain limit of traffic, so if you have low traffic site this might work for you.

Cloudflare is CDN, not a hosting. Thus, you would still stay on GoDaddy. But Cloudflare would act like a layer in front of your hosting. Here is a video of how to install Cloudflare on WordPress.

 

Three green check marks in GoDaddy – Website still not secure

So you’ve followed the instructions in this tutorial, and after installing the certificate in GoDaddy’s cPanel, you get three green check marks (step 27 above).

install certificate cpanel

But when you go to your site it still gives an error similar to “Your connection is not private” or “Your connection is not secure “.

Thomas was able to resolve this bizarre issue the following way:

“GoDaddy didn’t know nor believe what i thought until I proved it. The presence of McAfee Trusted Advisor prevented the certificate from being seen.

In every way, as we earlier determined, it was valid and installed properly and even GoDaddy verified it. As soon as I unpublished it, https works. Hope this helps your work and knowledge base.”

So there is a chance that your SSL is blocked by other software such as McAffee.

Error code: “Forbidden You don’t have permission to access / on this server. Server unable to read htaccess file, denying access to be safe”

After some struggles Shaun was able to resolve this issue and he posted his solution in the comments below. Thanks Shaun!

Description of Problem:

I had no issues until I got to the redirect phase from http to https://. Prior to creating and modifying the .htaccess file, I checked my site and the could access through the unsecure http:// and the secure https:// without issue.

So, I created the the .htaccess file and copied and pasted the suggested code above:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

The result was an error code:

“Forbidden You don’t have permission to access / on this server. Server unable to read htaccess file, denying access to be safe”

Before re-installing my site, I deleted the file to a blank one, played with other codes, contacted GoDaddy and the error code would not go away.

The solution on re-install was the following code (where replacedomain is your domain name:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^replacedomain\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.replacedomain.com/$1 [R,L]

It worked. I don’t know why… at all. But, hoping the knowledge helps others.

 

IIS: How to serve a file without extension

If your server is running on Windows server with IIS then you might not be able to server the file without an extension.

Andrew mentioned below in comments, that he found a solution on stackoverflow. Essentially you will need to create a new web.config file in that directory and enter some custom code. Grab the code from the stackoverflow post.

 

Sharing is caring!

265 thoughts on “Install Let’s Encrypt in GoDaddy – SSL Certificate for free in 10mins

  1. Danny

    I get a 404 error when trying to verify. I have wordpress installed on my host, and I think it is stopping me from accessing files on my public home. I am unable to browse any files in my directory. Is there a way to get around this?

    1. Robert

      Hey Danny, this usually works with WordPress. Are you on MIME? Some users on my YouTube channel had similar issues.

      I’m not that familiar with MIME.

      Here is the video: https://youtu.be/GPcznB74GPs

      I took this from youtube Carlos Andre Fonsec comment:

      Anyone with 404 in the verification, insert the expression “text/plain .” in the MIME of the server, to open files without extension.

      I was getting a 404 error when checking to make sure the 2 files are correctly connected.
      My server is from godaddy, and I was not configured in MIME for my server to read files without extension.
      This MIME configuration causes your server to read files without extension as if it were a txt.

  2. Marc

    Hi, great tutorial, I followed it exactly and it worked great. Since then i have changed a few page names and added a few pages, now those pages show “not secure” in microsoft edge an chrome? Do i need to re-do the ssl process after changing page names and adding pages? Thanks

  3. Marc

    Ok, Thanks!! it’s exclamation point, mixed content warnings. I followed the video and looks fixable, i see the new images that caused it.. Also, in your video you changed the wordpress address to https:// ~ I have tried this twice and i get kicked out of wordpress completely and have to get go-daddy to reset it so i can get back in. So right now it shows http:// in both places (wordpress) but i’m secure except for the images i added that need to be fixed.

  4. Hunter

    “”” There is a way to setup certbot to renew the SSL certificate automatically, but this requires knowledge of shell/terminal “””
    I didn’t see how to do this in the guide. Is there an article that covers the steps for this?

  5. G.A.

    I got to the point where I installed the certificate in godaddy cpanel and I received the following error:
    “error You must use an IP address that is on the server. “192.***.***.*” is not bound.”

    Any Ideas?

    1. Robert

      Hello, I haven’t had this issue, but one of other people left a comment:

      “I waited two days, and when i tried again. The SSL get installed with no issues, it appears godaddy have an problem with cpanel, at least it’s what they told me that when i called the first time”

  6. Danny

    Hi Robert. Thank you so much for your post and videos! I successfully added SSL certificates to all of my add-on domains in GoDaddy using your tutorial, but I am confused about adding SSL to my primary domain. My primary domain (let’s call it “primarydomain.com”) runs off of a WordPress install in the subdirectory public_html/wordpress. I tried applying this method on the root directory (i.e. creating verification folders at public_html/.well-known/acme-challenge, installing the CRT and KEY on primarydomain.com, and editing the .htaccess file in the root directory, public_html/.htaccess), and cPanel’s SSL manager said the installation was successful. But then I started getting errors from ZeroSSL when I tried to create certificates for all of my add-on domains. The certificate on primarydomain.com / root folder was conflicting with making certificates for the add-on domains, which are listed as subfolders within public_html (i.e. public_html/domain2.com, public_html/domain3.com). So, I removed SSL from the primary domain, and then I was able to finish making certificates for the add-on domains. So, my question is, where am I supposed to install SSL for the primary domain, without affecting the add-on domains? Since my primary domain runs off of public_html/wordpress, should I create the verification folders inside that folder, and generate the CRT and KEY for wordpress.primarydomain.com? Sorry for the long-winded explanation; you can probably tell I don’t do this stuff every day. Thanks again.

    By the way, here is a little insight into the error “you must use an IP address that is on the server. “xxx.xxx.x.xxx” is not bound” that G.A. experienced: I got the same error when I tried to add an SSL certificate to a domain that had no published content yet (i.e. no index.html or index.php, just an empty folder, except for a few hidden files & empty cgi_bin folder). Guess you need to have some actual content to secure, before you can secure it. Hope that helps somebody.

    1. Robert

      Hi Danny,

      When you tried to run it from public_html/ folder, were you able to access the .txt files from ZeroSSL on primarydomain.com/.well-known/acme-challenge ?

      what kind of errors was it giving you?

      I’ve installed the SSL for my primary domain on the root and my other domains are running without any issues.

      Thanks for the tip about the IP address, I’ll add it to the article.

      Let me know if you were able to resolve your issue.

      Regards,
      Robert

  7. Crownomancer

    you should add abit about “showing hidden files” in the go daddy file manager, as that might slow people down. im having alot of problems achieving this setup myself will let you know how i get on.

    1. Robert

      Hello Crownomancer,

      You have a point, I did have a link to an tutorial, but it seems that it doesn’t work anymore on Godaddy. I’ve found some information that seems to work. You just need to access file manager from the green top menu in cPanel.
      I hope you found the solution too.

      Regards,
      Robert

  8. Patti

    I’ve followed the instructions, but I keep getting a 404 error page. This is an addon domain and I’ve tried it both ways:

    public_html/.well-known/acme-challenge

    public_html/sharisteinbach.com/.well-known/acme-challenge

    1. Robert

      Hi Patti, for addon domain it should be public_html/sharisteinbach.com/.well-known/acme-challenge.

      are you able to access the file through your domain sharisteinbach.com/.well-known/acme-challenge/random-characters.txt (just replace the “random-characters with the file name you get from ZeroSSL”)?

      Also did you already add something to .htaccess file? if you have, see what happens if you remove the code from this article.

      Regards,
      Robert

  9. Micky Nicky

    After doing everything on Step 26 the green markings are not appearing neither is red marks
    infact upon hitting the Install button it gives an error message Communication failure

    1. Robert

      That’s strange, usually it shows the red check marks if any issues. Perhaps you can try to run the process again and get new certificates. I have multiple domains using let’s encrypt and I haven’t had issues like this one.

  10. Angela

    I am at the step where I verify. I have uploaded the files inside of acme-challenge folder. When I click to check the verification my wordpress site pops up with an error, instead of showing the text I am supposed to see. Do you know how to make this work?

  11. Steve

    Thank you very much, sir! A very good, informative video, and the chick in the GoDaddy shirt thing was hilarious! XD

    Anyway I just wanted to point out one problem I had during installation that others might encounter as well. After I got all of my SSL keys and pasted them into the text boxes under the SSL manager in cPanel, it told me that my IP address was “not bound”.

    After a bit of searching I found that you sometimes have to make a very minor change to your DNS settings in order to install your certificate.

    If you’re having this problem, log in to GoDaddy, and click on your name up top, and go to “My Products”. Under “Domains”, click on the “DNS” button to the right of the domain name you want to install the SSL certificate for.

    In the list of DNS items, one should say “A @ [Your IP Address] 10800 seconds”. Mine was set at 10800, anyway. Click the little pencil icon to the right and edit your settings. Change the time to 600 seconds instead.

    This fixed mine right away! I was able to install my SSL certificate and my site automatically redirects to HTTPS.

    Thanks again, brother! Hope this helps someone besides me. Peace.

    1. Robert

      Hi Steve,

      I’m glad this tutorial was useful and that you enjoyed the video.

      Thanks for sharing the solution that helped you. It seems a lot of people have this IP address issue. I hope this helps others too, I’ll add this to the article.

      Cheers,
      Robert

  12. Juan

    How to fix “you must use an IP address that is on the server. “xxx.xxx.x.xxx” is not bound”.
    Problem is caused by old installed certificates, don´t know why… Just uninstall the SSL Website under SSL/TLS. This action will not delete files in /.well-kown/acme-challenge/ obtained and uploaded from http://www.zerossl.com. Then repeat steps 26 to 28 herein at the tutorial and there you go! If it is a renewal use the green “autofill by certificate” button to fill the private key and then “install Certificate” at the bottom.

  13. Juan

    Hi, great tutorial. Today I had a problem after full filling the SSL Certificate renewal: “you must use an IP address that is on the server. “xxx.xxx.x.xxx” is not bound”;
    Problem is caused by old installed certificates, don´t know why… Just uninstall the SSL Website under SSL/TLS. This action will not delete files in /.well-kown/acme-challenge/ obtained and uploaded from http://www.zerossl.com. Then repeat steps 26 to 28 herein at the tutorial and there you go! If it is a renewal use the green “autofill by certificate” button to fill the private key and then “install Certificate” at the bottom.
    This worked for me, hopefully to everyone else.

  14. Richard Foster

    I am try to find SSL or TLS in the cPanel, but only see SSL Certificates. Clicking on this does not bring me to the 3 fields that you mention that i should see.

    I do not see any category with the heading of Security; I only see Popular Apps, Tools, Settings, Stats and Monitors, Databases and Premium Apps.

    Appreciate any help.

    1. Robert

      Hi Richard, it might be that your account doesn’t simply have this option. Which GoDaddy plan you have?

      On other hand, if your site doesn’t have too much of traffic, you could install cloudflare (CDN) it would add an SSL to your site. This is especially easy if you are using WordPress.

      Regards,
      Robert

  15. Richard Foster

    I have a very basic plan with GoDaddy. My site does not get much traffic since it revolves around dental assisting and dental hygiene education.

    I relatively recently changed the site over to WordPress, so I will take a look at cloudflare. Hopefully, the installation of the SSL with be pretty straight forward.

    Appreciate the quick response and suggestion.

  16. Ron Gee

    Great tutorial, thanks very much for the info. Will see how easy it is to renew in 90 days. There’s a tip on the email address field of the ZeroSSL site that says if you fill it in, a reminder will be sent to you when it’s time to renew. When I first installed the certificates, I got the same “not bound” error that several others got, but Steve’s solution about changing the time on the @ DNS record fixed that problem. Also, I found that going to Settings > General on the WordPress Dashboard and changing the website address from http to https helped with some issues.

    1. Robert

      Hi Ron, thanks for the feedback and I’m glad you were able to setup SSL despite some issues.

      I use a calendar reminder for the SSL and after doing it few times, it literally takes 5minutes to renew.

      Have a great weekend!

    1. Robert

      Hi Caasiah, it seems to me that you made it work? I’m able to access /test.txt.

      That said if your Godaddy is hiding some files, try to go to file manager from the top navigation bar. For some reason that has difference.

      I hope this helps.
      Robert

    1. Robert

      Hi Steven, I agree it looks intimidating, but in the end you are doing the following:

      1. Creating few .txt files in zerossl
      2. Creating folders in your file manager
      3. placing the txt files in the folder
      4. Copy + pasting the certificates to GoDaddy
      5. Copy + pasting code in your .htaccess file

      You can follow the video at the top of the post, maybe that helps with it.

      I hope this helps!

  17. Nik

    Hi Robert – Just want to thank you for a great tutorial. Worked like a charm! as I have 3 domains on goDaddy and managed to get all 3 installed without incident.
    Thanks for taking the time and sharing!

    1. Robert

      Hi Chuck, I believe Let’s Encrypt is designed purely to be a free tool for everyone to use, with the limitation of 90days.

      I would suggest buying an SSL from your hosting provider, probably the easiest option.

      I hope this helps.
      Robert

  18. Rubab

    Hi,
    I am not sure if my previous comment is received by you as I can’t see it published here. So I followed the tutorial till the point where I placed the 2 text files successfully inside .well-known/acme-challenge directory. But the problem is that on the step 2. Verification, when I click on the file name, it opens the link http://techhivesolutions.com/.well-known/acme-challenge/m6AUMNotbj7wmL1-7vAY-vklMZxBdJIDPj6gPFJ83Q8 and renders my complete landing page instead of returning the number only. Consequently Verification gives me this error
    Invalid response from http://techhivesolutions.com/.well-known/acme-challenge/m6AUMNotbj7wmL1-7vAY-vklMZxBdJIDPj6gPFJ83Q8: “\r\n\r\n\r\n\r\n\r\n<meta "

    Any help on this would be appreciated.

    Thanks.

    1. Robert

      Hi Rubab,

      That’s strange. You probably have some code in .htaccess file that is redirecting all traffic to that page.

      It seems no matter what url I add to your website, it always lands on that page.

  19. Mit

    What’s your point to use Godaddy hosting while other hosting companies provide free and auto renewal Let’s Encrypt? I have a client who is using Godaddy hosting, I would like to let him leave this company

    1. Robert

      Hi Mit,

      Apologies for late reply. Not sure if the information is relevant any more but here it goes:

      Indeed, there are many other great hosting providers who provide free SSL with all accounts. I’m in process of moving to HostPapa.

      GoDaddy is globally known and their marketing engine is doing a great job of attracting people with cheap prices, but I don’t see any reason to stay with them. Smaller players have better service and better products.

    1. Robert

      I’m glad it worked Gloria and I appreciate you taking the time to write a comment.

      Just don’t forget to set a reminder in calendar to renew this in 90 days. Renewing is slightly easier than initial setup.
      When you’ve done this few times it only takes 5minutes to do.

      Have a nice day!
      Robert

  20. Kate

    Hi! Thanks so much for this! However, I’ve run into a problem. I do step 16 and get a 404 error. This is a main domain and the 2 txt files live at public_html/.well-known/acme-challenge/

    Can you help?

    Thanks!

    1. Robert

      Hi Kate, double check that the urls have .txt at the end. So yourdomain.com/.well-known/acme-challenge/somecharacters.txt

      If that doesn’t work just let me know what your domain is, I can try to check it. You might have some extra redirect.

      Cheers,
      Robert

  21. Rubab

    Hi,
    So I tried again today… and IT WORKED!!! 🙂 I was doing a very silly mistake before, sharing here so that someone else doesn’t repeat the same mistake. As we downloaded two text files in step 7 & 8 , and the files that I downloaded on Step 12 weren’t really ‘text’ files but were simple files with no extension. So, when Step 15 asked to put 2 text files into .well-known/acme-challenge, I put the previous files there; that is why it was not validating the keys. 😀

    Many thanks to Robert for providing such a comprehensive tutorial… I am looking forward to follow the renewal steps provided by you after 90 days.

    Many thanks again,

    1. Robert

      Thanks for leaving a comment about your progress Rubab. I’ve added your comment to point 15. I feel like others will benefit from it and they will avoid the same issue.

      Thanks for contributing!

      Robert

    1. Robert

      Hi Som, thanks for keeping it positive and dropping a comment! I’m glad it was easy and useful to you.

      Don’t forget to put a reminder in your calendar in 90 days to repeat this. Actually when you renew you can skip few steps since you have the files needed in the first page in zerossl.

      Have a great day!
      Robert

    1. Robert

      Hi Kole, the url you pasted doesn’t have .txt at the end, make sure you save the file with .txt at the end. You can check point 15. in the article. Another user had similar issues.

      Cheers,
      Robert

  22. Carmelo

    Hello Roberto,
    I installed the ssl certificate correctly, but I had the same problem as Thomas: The presence of McAfee Trusted Advisor prevented the display of the ssl certificate. How can I solve it?

    thank you so much.

    1. Robert

      Hi Carmelo, I think Thomas just unpublished McAfee, that’s how he solved it. Now I don’t know if made it work with McAfee later.
      I haven’t used McAfee before so can’t speak from experience. But I would assume McAfee might know how to make it work?

      Regards,
      Robert

    1. Robert

      Hi Yogesh, thanks for leaving a comment. Actually the green padlock only appears on some browser. Take a look in firefox and your website has green padlock. Chrome doens’t display this any more, it’s mostly grey.

      I hope that helps!
      Robert

  23. Jared M

    Hi Robert
    I have an unsecure site hosted with GoDaddy. GoDaddy is offering me the chance to upgrade to SSL, and I have been thinking of doing this so that my site will have the https prefix and the lock symbol. However, I am confused. On the web page for purchasing SSL certification, GoDaddy also offers an “EasySSL service”, which it says simplifies the process. So it sounds like just paying GoDaddy the money for the SSL Certification is not enough. There are other things I will have to do and they may be quite complex. But if I want to use GoDaddy’s EasySSL, I have to ring their phone number (in the US where I do not live) to get a quote. Ok…well I could probably do it myself, but what exactly is it that I need to do after I have paid GoDaddy for SSL certification? They don’t seem to give any information about this. So by googling the issue, I find your page and what looks like a very clear and helpful explanation as to how to do all this (for free). But wait. Do I first need to pay GoDaddy the annual fee for SSL certificates? Or will this work just with a basic GoDaddy site? It certainly looks that way insofar as my cPanel dashboard seems to allow me to do all the things you talk about.

    1. Robert

      Hi Jared, no need to buy the SSL from Godaddy for this to work. The only drawback is that you need to redo this process every 90 days. If you are okay with that (honestly take 5-10mins once you do it few times) then this tutorial is for you.

      I’ve only bought an SSL once with Godaddy, back then it was simple to install so if you want hassle free maybe that’s an option for you.

      I hope this helps,
      Robert

  24. Mayh27

    Please tell me how to get it back??? I put the strings
    RewriteEngine On
    RewriteCond %{HTTPS} On
    RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    to .htaccess and now I get my page with no pictures no videos no plugins working etc, and I have Not Secure sign as well!
    I removed strings from .htaccess but after that it still converts http to https automatically, so every time I see my pages broken and non secured!
    How can I remove this automatic conversion http to https please! I just want it back!

    1. Robert

      Hi Mayh, not having the images is normal, you probably have mixed content warning, you can check how to fix it on wordpress here or if you are not using wordpress then here.

      If you don’t want to automatically redirect, just remove the code and give it a bit of time (or use a browser in incognito) to view your page.

      I hope this helps!
      Robert

  25. Mayh27

    Thanx for reply, Robert.
    Yes I use it on WordPress.
    Now the situation went even worse. I get
    Forbidden
    You don’t have permission to access / on this server.
    Server unable to read htaccess file, denying access to be safe

    1. Robert

      did you do something for it to get worse? or it just went after refresh?
      It sounds like maybe something was deleted in htaccess file that should be there, do you have a backup of that file somewhere?
      If you do, then you can try to restore it. If not you can try to add the default code for WordPress, check this article . Just make sure you save your corrupt file.. just in case.

  26. Mayh27

    I just removed the strings you told. Now it has only this code:

    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ – [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]

    # BEGIN WordPress

    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ – [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]

    # END WordPress

  27. Mayh27

    I uninstalled all SSL but now I got
    NET::ERR_CERT_COMMON_NAME_INVALID
    Subject: *.prod.ams1.secureserver.net

    Issuer: Starfield Secure Certificate Authority – G2

    Expires on: 4 Apr 2020

    Current date: 8 Nov 2018

    PEM encoded chain:
    —–BEGIN CERTIFICATE—–
    MIIFgzCCBGugAwIBAgIIIgzmHIk1WdAwDQYJKoZIhvcNAQELBQAwgcYxCzAJBgNV
    BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUw
    IwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTMwMQYDVQQLEypo
    dHRwOi8vY2VydHMuc3RhcmZpZWxkdGVjaC5jb20vcmVwb3NpdG9yeS8xNDAyBgNV
    BAMTK1N0YXJmaWVsZCBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIw
    HhcNMTgwNDAzMjA1NjAwWhcNMjAwNDAzMjA1NjAwWjB
    ……………….

  28. Mayh27

    Hello Robert! So, I could not resolve that issue. After long chats with techs of GoDaddy they strongly advised to prevent further problems uninstall all the SSL that is not of GoDaddy, than buy SSL from GoDaddy))) Anyway, couldn’t beat this issue, rolled back and uninstalled SSL so now I have everything I had before, excluding that browser periodically complains for ‘Privacy errors’… Maybe the other time I will try to install SSL from Let’s Encrypt again, but not very soon, I had enough.

  29. Anjola

    hello robert! i followed the steps carefully and was able to get to the part where you install the certificates on ssl. i’ve marched each certificate to each field correctly. however i noticed that the certificates won’t install correctly. what exactly is the problem?

    1. Robert

      Hi Anjola, what does it tell you? so you get the 3 green check marks, but then it doesn’t allow you to proceed?
      Or is the issue on the website? If you get something like “not fully responsive website”. Then you probably have mixed content issues. Here is how you can fix it easily: https://punchsalad.com/ssl-certificate/install-lets-encrypt-godaddy/#chapter4b

      If you are on wordpress just scroll a little, there is separate section for it.

      Regards,
      Robert

  30. Peter

    You forgot to mention that you need to remove the redirect from the .htaccess file when updating the cert. Otherwise, you get the “Invalid response from” error when validating you own the domain. This took me an embarrassing forever to figure out.

    So take out the redirect from the .htaccess file, it may look like this:

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    Do the validation, then put the redirect back.

  31. Amanda

    Hello Robert, thanks so much for the great walk through. However I am stuck on step 13, Im not sure which “root” to select. These are the options I see when I go to file manager:
    1. Home Directory
    2. Web Root (public_html/www)
    3. Public FTP Root (public_ftp)
    4. Document Root for: website.com

    Let me know which to go to

    1. Robert

      Hi Amanda,

      This depends, is this your primary domain?
      If it is then select the Web Root (public_html/www)

      if it’s a domain that you added after your primary domain (these are called addon domains), then add it inside the website.com root.

      I hope this helps 🙂

  32. Randy

    Hi Robert
    I cant get my GoDaddy site to work. I tried a few variations
    public_html/.well-known/acme-challenge/bunchofcharacters
    public_html/.well-known/acme-challenge/bunchofcharacters.txt
    but the pages are still not found
    Hope you can help

    1. Robert

      Hi Randy, is the SSL going for a primary domain or addon domain? if it’s addon, then you have to put it in the right folder, for example:

      public_html/yourAddonDomain/.well-known/acme-challenge/bunchofcharacters.txt

      Does this help?

  33. eazs

    hey bro i really like the way u simplify everything thnx for that . im suffring in the verifecation step i tried so many ways i added the .txt .. but it just dosnt work i have subdomain technat.epizy.com and i read all the comments here but nothing seems working so please help me with this and thank you !

  34. Himanshu

    Hi Robert,

    his is a great video. Thanks for the video.

    I have two issues:
    Mine is a managed WordPress for my site as GoDaddy classifies it and I GoDaddy told me last week that I cannot get cPanel access for my site. However, watching your video, I think I can do pretty much everything up to creating an .htaccess page via SFTP access which I have. Not sure if I can do things after creating .htaccess but it seems I should be able to.
    Do you think I can do SSL certificate installation via SFTP and without cPanel?

    2) I called GoDaddy support and the support person said that GoDaddy does not support free SSL certificate. When I pinned him down, he said that if I can do it, I can go ahead and do it but they will not support me. So he is being non-committal and Godaddy is probably trying to discourage free SSL.
    I take from his answer that I can do it if I am able to and it should work just fine. What do you think?

    1. Robert

      Hi Himanshu,

      Thanks for kind words.

      For managed WP you can try to use cloudflare (CDN), as long as you have control of your domains you should be able to set this up.
      Here is my video on the topic: https://www.youtube.com/watch?v=XxlbH5xMucQ

      Doing this through FTP might be possible, but I wouldn’t know how to achieve this and probably involves some coding.

      To your 2nd question, GoDaddy doesn’t block free SSL, like you said they want to upsell their own stuff, but I have cPanel and with that it works perfectly.

      I hope this helps you Himanshu. Have a great day!
      Robert

  35. Binil Varghese

    I am using a GoDaddy Linux shared hosting and getting a 404 error in verification. how can I configure MIME in Godaddy
    ———————————————————————————————————–
    Anyone with 404 in the verification, insert the expression “text/plain .” in the MIME of the server (inside the MIME text box), to open files without extension.

    You can configure MIME in “Internet Server Settings”, and remember to put the “.” at the end of the expression.
    ————————————————————————————————————
    couldn’t find the Internet Server Settings, Please help

  36. Festus

    Hi Robert,
    I followed your steps and I would like to commend you for this.
    A warning was shown by the browser after installing that the connection is not secure,
    However, I went to chrom the “elements” and “console” section and changed the url’s for the styles to Https: for http: and the 12 errors associated with this disappeared.
    Unfortunately, the website still presents the error that the connection is not secure.

    statisticsasnswered.com

    Thank you

    1. Robert

      Hi Arama, if you have full access to your server you can use certbot. Unfortunately if you don’t then there is no way to auto renew this 🙁

      Once you’ve done it few times it takes only 5-10mins.

      Have a nice day!

  37. Umar

    It worked well but it’s not showing the green bar. How to get green(secure) at the beginning not address bar.

    Note: I’m using Chrome and chrome displays SSL in that way.

    Also, I have been noticing that we are just installing SSL in a basic manner and seems we do not verify domains and organisations. Is that the reason I’m not getting the green bar ?

    How can I get it, please help.

    1. Robert

      Hi Umar, unfortunately with the free SSL you won’t get the greenbar + the company name.

      You need to get the paid one that verifies the organization and the person. These are called OV SSL Certificate or EV SSL Certificate.

      I hope this helps!
      Robert

  38. Jeff Wirth

    Thanks for the great tutorial! I successfully installed the SSL certificate for my site on GoDaddy.

    Without the redirect code in .htaccess, I get these results
    https://interactiveplaylab.com opens https://interactiveplaylab.com/ (site visible, secure)
    https://www.interactiveplaylab.com opens http://interactiveplaylab.com/ (site visible, but not secure)
    interactiveplaylab.com opens http://interactiveplaylab.com/ (site visible, but not secure)
    http://www.interactiveplaylab.com opens http://interactiveplaylab.com/ (site visible, but not secure)

    With the redirect code in .htaccess I get these results:
    https://interactiveplaylab.com opens https://interactiveplaylab.com (error message only)
    https://www.interactiveplaylab.com opens https://interactiveplaylab.com (error message only)
    interactiveplaylab.com opens https://interactiveplaylab.com (error message only)
    http://www.interactiveplaylab.com opens https://interactiveplaylab.com (error message only)
    All four pages show the error message: “This page isn’t working interactiveplaylab.com redirected you too many times.”

    Any suggestions for how to get the redirect working?

    1. Robert

      Hi Moshe, try to remove the .txt file from the file, or if they already have it then add it.

      Also is this your primary domain? If not then you need to place the .well-known/acme-challenge/…. not on root folder, but inside the domain folder.

      Regards,
      Robert

  39. Moshe

    Hi Robert!

    I literally tried everything and it still didn’t work, so I tried the Cloudflare option and it worked great!

    My only question is: Do I need to renew via Cloudflare every 6 months?

  40. Cassy Spencer

    These videos are absolutely awesome. Thank you so much for making them, I’ve learned a lot. I have a question for you, is there a way to make GoDaddy Auto-Renew my LetsEncrypt SSL certificate?

    Thank you again.
    Hasta la vista, baby!

    1. Robert

      Hi Cassy, I’m glad you liked this tutorial and it was useful.

      There is a way to automate this with Certbot, but you need full access to your server (if you have shared hosting then you don’t have it) and some knowledge of terminal.

      That said, once you’ve done this SSL process few times it literally takes 5-10mins per domain. The hardest part is to remember. Personally, I just added this to my calendar and I do it every 85 days (because if the SSL certificate expires there are few extra steps to make it work again).

      I hope this helps,
      Robert

  41. Shaun

    Let me first say thank you for this. Exceptionally helpful to us newbies. For reference, I did not set up a WordPress account (not sure if it matters but I raise it because the example references WordPress where I had a blank .htaccess).

    My hiccup was not correctable by GoDaddy staff and I was unable to assist which required me to re-upload my entire page losing days of work). But, it’s all figured out. And, that’s a success.

    Description of Problem:

    I had no issues until I got to the redirect phase from http to https://. Prior to creating and modifying the .htaccess file, I checked my site and the could access through the unsecure http:// and the secure https:// without issue.

    So, I created the the .htaccess file and copied and pasted the suggested code above:

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    The result was an error code:

    “Forbidden You don’t have permission to access / on this server. Server unable to read htaccess file, denying access to be safe”

    Before re-installing my site, I deleted the file to a blank one, played with other codes, contacted GoDaddy and the error code would not go away.

    The solution on re-install was the following code (where replacedomain is your domain name:

    RewriteEngine On
    RewriteCond %{HTTP_HOST} ^replacedomain\.com [NC]
    RewriteCond %{SERVER_PORT} 80
    RewriteRule ^(.*)$ https://www.replacedomain.com/$1 [R,L]

    It worked. I don’t know why… at all. But, hoping the knowledge helps others

    1. Robert

      Hi Shaun, Sorry to hear about your difficulties and I’m glad you were able to resolve them.

      It is strange that the .htaccess code that was provided in this tutorial didn’t work. It’s not specific to WordPress by any means. But I’m happy that you shared your solution here. I’ll add it to the issues part in the article, so it can help others.

      Thanks again for sharing your solution!
      Robert

  42. Brian

    Hi Robert. Got a quick question I have one main hosting account but 3 different domains for three different sites. I got it to work on my main domain but now the other sites are broke. How do i get them back online and ssl secure also? My hosting company is go Daddy.

    1. Robert

      Hi Brian, so from what I understand you have a primary domain and then 2 add-on domains on it?
      I guess these have their own folders inside your public_html folder?

      If the above is true then you need to create separate SSL for each of the domains. I have a similar setup as you do. And then in each of the domain folder create a .htaccess file with the redirect code.

      I hope this helps.
      Robert

  43. Steve

    Hi Robert

    Thanks for the great video. I followed it and it worked great, until I went onto the site.

    I have an i in a circle with not secure. I presumed this was a mixed content warning so went onto the console expecting to follow your other video, but there was no mixed content warning, only:

    Failed to load resource: net: :ERR_FAILED

    And:

    Access to font at https (website name(actual site address.))/wp-content-plugi.(index):1ns/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.ttf?v=4.7.0 from origin (website name again) has been blocked by CORS policy: no ‘Access- control-Allow-Origin’ header is present on the requested resource

    Any ideas?

    Thanks, Steve.

  44. Anchovy

    Hey Robert!

    Loved the detailed instructions mate. Thank you!

    But I’m having this “fake” certificate issue – https://margulesleadershipconsulting.com/

    I checked the GoDaddy certificate list, and there the validity date for the certificate is correct – May 2019

    But if you check the URL, it shows – Expired: Thursday, 4 February 2016
    and says – “fake” certificate not trusted

    What could be the issue here?

  45. Frank

    Hey Robert,

    I’m on step 17. I’m getting a 500 error code, it says internal server error. And for whatever reason the URL is showing my actual computer info “file:///users/username/downloads/” and after the last forward slash it shows the text for the ssl cert.

  46. Connor

    Hey, i keep receiving the 404 page not found message when trying to verify the pages. I have no idea what the MIME and “text/plain .” parts do and still can’t get the SSL certificate because of this. Any suggestions?

  47. Guerschom

    Hi Robert!

    Thank you for sharing this enlightening information. I followed along with your steps and got my website all set up with SSL.

    I do, however, have one concern: how do I go about renewing the certificate? Do I perhaps retake the same steps I took to install it?

  48. Govind Desikan

    Hi Robert,

    At step 16 when I continue with step-17 it displays my website instead of scrambled message. Could it be that my earlier certificate is still active?

    Thanks in advance

    1. Robert

      Hi Govinda,

      This probably is happening because your server doesn’t show txt files and then redirects it to another page. It thinks the path is wrong. Are you able to access the file when you just type the url in browser?

      So something like http://www.yourdomain.com/.well-known/acme-challenge/fileyoudownloaded.txt ?

      Also if you are using windows servers you need to do some extra stuff: https://punchsalad.com/ssl-certificate/install-lets-encrypt-godaddy/#chapter4e

      Does that help?
      Regards,
      Robert

  49. Shariik

    Superb, Thank you Dude for your fantastic Post, Its worked from me…. I just want to know the method of auto renewal of free ssl with zerossl, can you please send me details in my mail box “er.sharik@gmail.com”

  50. Walter Whitman Moore

    THANK YOU for your step-by-step instructions on how to install SSL Certificates!
    You should be in charge of all internet instructions! You rule!
    I’ll be back in 90 days….
    Cordially,
    Walter Whitman Moore

  51. Sakura

    Thank you for your well written and easy to follow tutorial! I’m new to web hosting and your tutorial enabled me, with a limited IT knowledge, to install an SSL certificate on my website.

  52. Stephen Stefanski

    For the life of me I could not get this process to work on my godaddy account. It keeps saying that the file is not found. I have noticed they have a default file setup and causes my file chain not you look like yours. I tried about 6 times with no avail. I just don’t want to pay godaddy R$21 a day for ssl. You did a great job with all the info though

  53. Amanda

    Thanks for the great tutorial. All was going well, files recognised and everything until I realised the Deluxe Hosting on Go Daddy doesn’t let you access SSL/TLS settings…..sigh….need to move hosting provider….

  54. jobb

    Awesome article! Thanks! I was able to successfully install an LE SSL on my shared GoDaddy hosting account.

    Only had one minor hitch… on current shared cPanel hosting accounts on GoDaddy, on Step 14 above, it says to create the folders .well-known/acme-challenge in the “root”.

    The first time you use File Manager in GoDaddy, it defaults to the “home” directory, which I found out is NOT the same as the “root” directory. Installing .well-known/acme-challenge in the home directory does not work.

    In the screenshot, it shows domainname.com/.well-known/acme-challenge as the path, but again that’s misleading for shared domains. There is an /etc/domainname.com folder, but if you put .well-known/acme-challenge underneath that folder, it also does not work.

    With a little digging, I discovered that GoDaddy considers the /public_html folder the “root” folder, so you want to create the subfolders in there so it looks like /public_html/.well-known/acme-challenge. THAT path finally worked. Now that I know, I’ll go straight to that next time, but just wanted to add this distinction for anyone else using shared GoDaddy hosting in 2019.

    Thanks again for taking the time to write this out step-by-step. Very helpful!

    1. Robert

      Hi Jobb, sorry for the late reply. And thanks a lot for pointing out this detail.

      Your explanation was so clear that I’ve added this explanation in the text after point 14. And I think other people might have similar issues.

      Oh and if you want me to link your name to social media or a site just let me know.

      Thanks again and have an awesome day,
      Robert

  55. Timothy Maggenti

    Apparently Godaddy updated and it is way different when we get to uploading the CRT data etc. I really have no idea how to fix this. Without SSL no one has a website. How can they do this to people, they want $80 bucks just to put the stupid free ssl on I am just about ready to say keep the money I am going somewhere else for hosting! I hope you can help, up until that point it was all good?

  56. Astrid

    Mahalo worked all out, great how too…. yeah got stuck for a moment uploading the text files insted of the files that come next page…. but still just had to read again and figured it out… thanks

    1. Robert

      Hi Astrid,

      I’m glad you were able to sort it out! just don’t forget to set a reminder to renew the SSL certificate within 90days.

      Otherwise, enjoy your slightly more secure website 🙂

      Regards,
      Robert

  57. Fritz Schnitzer

    Hej man,
    thanks so much for this superbe tutorial. I’m digging your style of present yourself.
    I’m trying to set up my website. http://www.fritzschnitzer.com
    I was buying a domain from godaddy, deployed my site on netlify and tried to install a custom certificate on netlifiy. I did all the steps on zeroSSL but it says “is not a valid PEM certificate” when i want to implement the code on netlify. Any suggestions? 🙂

    I also managed to combine my googleaccount with smtp2go and godaddy and it works. The next steps would be the SSL certificate and getting my dang website uploaded and running secure. This would be a great help for my business!

    Thank you in advance,
    Fritz

    1. Robert

      Hi Fritz, sorry for the late reply, I don’t always get notified about these comments.

      I haven’t used netlify before, but from a quick check, they seem to have free SSL of their own?
      Anyway I see that you already managed to install an SSL, so I guess you are all set!

      Robert

  58. Astrid

    Made it almost to the end on free ssl, but was only issued the crt to download and not a domain key. I have GoDaddy hosting. How do I get a matching domain key? This is my first ssl.

    1. Robert

      Hi Astrid, this doesn’t depend on your hosting. It’s strange that it didn’t issue CRT, just try again maybe something went wrong.
      I think it doesn’t issue the CRT if you don’t fill in let’s encrypt key or CSR in step one.

  59. Astrid

    No, I did get the CRT and was able to fill in Section 1 (CRT) and Section 3 (CABUNDLE), but I was never issued the Private Key (KEY) for Section 2. I tried starting over 3 times, but the zerossl page said something about rate limits and shut me out. I didn’t go over any rate as I only have one certificate with no matching domain key. I have the certificate, but it won’t install without the key. How do I get the key? This has taken two days, not 10 minutes…ugh. Thanks for trying.

    1. Robert

      Sorry to hear that Astrid, indeed it looks like it’s been a struggle for you to get this working.

      The Private Key should be just under the CABUNDLE in zerossl (here is where: https://youtu.be/GPcznB74GPs?t=256 )

      If it’s not there, then I don’t know why. You can also get SSL by utilizing cloudflare’s SSL certificate, which is free if you website doesn’t have much traffic (I think the limit is like 5000-10000 per month)

      Here is how you can do that: https://www.youtube.com/watch?v=XxlbH5xMucQ&lc=UgyKPawXPcItfisCHs14AaABAg

      P.S. The avatars are sometimes ridiculous funny 😀

  60. Lisa

    Amazing – thank you so much for this article it talked me through the whole process step by step and it has worked – thank you. The only issue I’ve now got is that all the pages on my site are covered by the SSL but the only page that isn’t showing the secure padlock is the page I need it for – the page I sell my digital product 🙁 Any ideas why this is happening? I have used Woocommerce as a plug into my WordPress site to sell this digital product – so I wonder whether this page is a subdomain? Any help or advice much appreciated and thanks again for the awesome article.

  61. Andrew

    Wow, great article! Thank you for the thoroughness, screenshots, and video. Unfortunately, I am running into the same issue many seem to be having with getting a 404 error during verification. My two verification links are… http://bananas.agency/.well-known/acme-challenge/2-fhsJIPE5I5VJO9kh74xBa-3ncLHNehMSeTLNM0L1w …and… http://www.bananas.agency/.well-known/acme-challenge/fX8bKvGs8sJMXfeoXmH0pxyIy2uOB4DrAbJUFcFQcvI …would greatly appreciate any help you can provide 🙂

    1. Robert

      Hi Andrew, sorry to hear you are having issues with this.

      if you are in Windows servers try this: https://punchsalad.com/ssl-certificate/install-lets-encrypt-godaddy/#chapter4e
      and if you are on linux then it’s probably this: in file manager or FTP, remove the .txt from the end of the file(s) that you download from Zero ssl if you don’t have it.

      If that doesn’t work, double check that your folder (.well-known/acme-challenge) is in right place. for example if you are adding this to addon domain it won’t be in the root but something like bananas.agancy/.well-known/acme-challenge

      I hope this helps,
      Robert

  62. G M

    Hi Robert,

    Thanks for the detailed step-by-step instructions. If I build my website on Weebly, which I them host on a GoDaddy domain, do I have to get an SSL Certificate as listed in the steps above or can I do it on Weebly too? It’s a bit unclear as Weebly is also offering SSL certification for websites built there.

    Thanks,
    GM

    1. Robert

      Hello GM,

      I haven’t tried but this might work if you install it through Godaddy.
      In general, it’s easier to install it on your hosting provider, but it’s worth the try.

      Regards,
      Robert

  63. Deep

    hello ,
    i recently buy a domain and web hosting from Godaddy. chrome shows not secure warning. As you suggested, i follow the all above steps for installation the SSL certificate and it was successfully installed. when i start testing in a chrome with https://mydoamin.com chrome shows Your connection is not private and also with below error,
    NET::ERR_CERT_AUTHORITY_INVALID. i try various methods but nothing will work, so please suggest me how i resolve this issue.

  64. G M

    Hi Robert,

    I’ve started going through the process of encryption —
    1) I don’t have the site built completely yet. It’s under construction and will be a sub-domain on the GoDaddy server. Is that okay?
    2) I can’t seem to get beyond steps 8-10. They seem to be going in a loop. I have a screenshot but can’t post it here.

    1. Robert

      Hi GM,
      Please find answers to your questions below.
      1. It’s okay, even if your website is just a hello world website. And subdomain should be fine too.
      2. Do you get any error messages in zerossl?

      Regards,
      Robert

  65. Sue Brown

    With both zerossl and ssl for free I receive an error message that says I have registered too many times. I have only installed perhaps three SSL certificates for the domain in the past year, one new one, then renewals after that. I can’t renew in this case. What should I do?

    1. Robert

      Hi Sue, there shouldn’t be restrictions on this. Where do you get this message? in zerossl?
      Also did you start the whole process all over or did you follow the renewal video?

      Robert

  66. John O

    Great article Robert, was helpful.
    I have a question.
    I was able to install lets encrypt on my domain but it did not conver for these the subdomains – webdisk.
    webmail. and cpanel.
    Any way to fix this.

    Then I did not see an article on how to set cron job to auto renew the ssl.

    Thanks
    John

    1. Robert

      Hi John,

      Try to install a wildcard SSL (was introduced after the I made the video) which should apply to all your subdomains, so just register the
      *.yourdomain.com in zerossl and it should work.

      Regarding the cron job, you need to have full access to the server which you don’t have if you are using shared hosting. If you have dedicated hosting here is how you can do it: https://www.linode.com/docs/security/ssl/install-lets-encrypt-to-create-ssl-certificates/

      I hope this helps.
      Robert

  67. Marco Vogelezang

    Hi,

    Great tutorial, works great. However. When renewing I get the error:
    “Check webserver config for missing ‘/’ in redirect target.”

    I don’t understand what to do. Could you please point me in the right direction?

    Kind regards,

    Marco

    1. Robert

      Hi Marco,

      Thanks for kind words. When do you get this error? when you try to verify the txt files?
      It sounds like there is / missing somewhere in the file path or maybe redirects. Has your SSL already expired?

  68. Natt

    A fantastic tutorial, concise but well explained, worked like a charm, thank you.

    I have a domain that is used solely as a redirect to my main domain and so it doesn’t appear as an option in cPanel, is there a way to secure this domain as well?

    1. Robert

      Hi Natt,

      yes, you can achieve this the same way, but you need to temporarily remove the redirect and then verify the website with well-known/acme-challenge and then add back the redirect. Essentially the process is the same as in this tutorial.

      Regards,
      Robert

  69. Scott

    Hey Robert,
    Awesome guide to using zerossl and letsencrypt ssl stuff in general!

    I’m batching ssl for 33 different sites. The problem I’m running into is the LetsEncrypt rate limit of ssl issued domains per week (50). I’m right at ~23 or 25 because I messed up 2x so I think it double counts when i do example.com and http://www.example.com in the first screen on zerossl. So I’m capped and I’ll have to wait a week, not just for this week but 4 times a year if I repeat this process manually.

    So my first question for you is if it’s at all different to generate a shared SAN certificate with “up to 100” domains on it (just keep separating the domains with commas?)
    – And if/how it’s different on the final step in (godaddy) cpanel >manage ssl window?
    Ref: https://letsencrypt.org/docs/rate-limits/

    Second question is: how would you approach the ssh commands via godaddy cpanel “auto-renewal” of these certificates. I found something but it’s over my head: https://www.godaddy.com/community/SSL-And-Security/Lets-Encrypt-SSL/m-p/108422#M2316 — See emreunal ‘s comment about 2/3 of the way down. Is this possible with godaddy hosting?

    To my knowledge, I can’t install certbot on my server.

  70. Scott

    So about my last comment about the rate cap of 50 hitting me at around 23 – I waited about 15 minutes and the error message went away and I could proceed to get more ssl’s.

    I’m still curious though about the nuances of how a multiple, shared domain certificate works in the final step – from the domain pulldown in manage ssl, do you have to assign it to the primary domain and it automatically picks up the subdomains listed on the certificate?

    1. Robert

      Hi Scott,

      Wou you have a lot of domains to manage 🙂

      if the domains are all subdomains (different than addon domain) you can group them in ZeroSSL by creating a so-called wildcard certificate by adding a *.yourDomainName.com instead of http://www.yourDomainName.com. And in GoDaddy just select the top level domain for example “yourDomainName.com (+ subdomains… etc)”. It should apply the certificate to all subdomains.

      If your domains are addon domains, then you need to add them separately.

      Regarding auto-renew, thanks for sending the link, I thought it’s not possible to auto-renew (at least no with certbot). but I need to check if I’m able to follow emreunal’s instructions because it would help a lot of people including me!

      I hope this helps,
      Robert

  71. sunny

    hi,
    auto redirect to the website didnt work for me.

    i tried the below 2 optionsbelow after “# END WordPress”:

    option 1:

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    option 2:

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    please guide.
    thanks
    Sunny

    1. Robert

      no luck, I can’t see what’s going on, it seems the code in .htaccess file is not working at all. Double-check that you’ve updated the right .htaccess file. If this is your addon domain, then you need to update the .htaccess file inside the domain folder, for example, Buckssmart.comor similar.

      Or if that doesn’t work you can just use this plugin: https://wordpress.org/plugins/really-simple-ssl/ it should do it for you.

      I hope this helps.

  72. Jon

    Hi really useful vids, I have a managed wordpress and so (it appears) I don’t have a C Panel, in which case I cannot use SSL free certificate wizar – is that right? Any way around this? I just don’t see web hosting under my products.

  73. Chaitanya

    Million Times Thank you very much for writing useful blog. I was able to configure SSL for my website (www.ChaitanyaPatil.in/vm) in less than 10 minutes. Thank you very much again.

  74. William

    Hey robert!
    i was wondering if i am able to put those files in domain.com/htdocs/.well-known/cname-challenge/?
    bc my host don’t lemme create folder named .well-known in domain.com/here
    it just says “Access denied”

    1. Robert

      Hi William,

      I think it’s okay, I assume in reality the /htdocs/ won’t actually show up in the URL and it’s treated as the root folder of your hosting. Just try it out, zerossl will just fail it if it doesn’t work.

      regards,
      Robert

  75. William

    Yeah it don’t lemme do it…
    i always get this error:
    Invalid response from http://darksidestudios.net/.well-known/acme-challenge/XDCNqa0pM7ExdOfM59GY8VCO2hbFAvlLhYYNxWLG9Mk [185.27.134.204]: “function toNumbers(d){var e=[];d.replace(/(..)/g,func”
    and this:
    Invalid response from http://www.darksidestudios.net/.well-known/acme-challenge/tT8SyeCLkax_EJt0DOHvJW2_JsebxyO3VNdLjGudSaI [185.27.134.204]: “function toNumbers(d){var e=[];d.replace(/(..)/g,func”

    What’s wrong with it?

  76. Jon

    Hi Robert

    This was really helpful – but I didn’t get padlock due to some mixed content alerts; however when I go to WordPress settings>general I get a message reading: Your domain cannot be changed here.

    It provides a link to change domain on godaddy: this asks me to update the DNS A record on my domain regsitrar. I don’t seem to be able to do this successfully: any tips?

  77. Steve L.

    I keep getting the invalid response, no matter what I try. I’ve verified the files are there. I substituted my domain for real domain name below. Otherwisethe syntax is what I get on the verification step.

    Invalid response from http://“my-domain”/.well-known/acme-challenge/SSXAjMweeMSEZMxbHcnSOxWWF6ipFq4TP-im8xxamps [107.180.57.148]: “\n\n\n\n<meta name=\"viewport\" content=\"width=device-width, initial-"

    1. Robert

      Hi Steve,

      Sorry to hear that you are having issues with the installation.
      Please try to remove the .txt files from the files you download.

      That said, you mentioned that you are on GoDaddy’s managed WordPress? If that’s the case, I believe you don’t have access to cPanel and won’t be able to install the certificate. Please check if you have cPanel before trying to finish the steps in this tutorial.

      In any case, you can also get an SSL with Cloudflare, if you have a small website it’s free. Here is the tutorial: https://punchsalad.com/wordpress-tips/free-wordpress-ssl-certificate/

  78. Steve L.

    I do have CPanel. I also have Filezilla if needed. I’ve probably generated two or three CRT’s in all my attempts to get this working. Not sure if I qualify for Cloudfare or not. It is a single website, but get some pretty decent traffic. Unfortunately, it’s nearly gotten to the point where my time has exceed the $70 GoDaddy charges for their SSL. But it’s more a matter of principle.

    1. Robert

      Hi Steve, I know what you mean about the principle, I do it for the same reason.
      And I understand now your situation with Cloudflare.

      If you want you can send me an email to tipswithpunch(at)gmail.com and I can take a look.
      Please include all the files you got from zerossl (including the two txt files which you uploaded to .well-known/acme-challenge). I can check if I can get to the last step or if I get stuck too.

      Because it seems you’ve tried everything already.

      Regards,
      Robert

  79. Laurie

    Hi Robert,
    I would like to get a SSL certificate for my main domain and subdomain using ZeroSSL. I have Godaddy CPanel. Should I place the 2 files in /Public_HTML folder first. Then, after I get the first certificate for the main domain, add the same 2 files in a folder within the subdomain folder for the 2nd certificate. Is the process the same for getting a certificate for the subdomain?

    1. Robert

      Hi Laurie, luckily you don’t need separate SSL for each. You can just use wildcard SSL in ZeroSSL.

      In the domain field just write: *.yourdomain.com the star tells zerossl that it’s all subdomains (including www)
      And then place the 2 files in the public_html folder.

      This will make your main domain (www.yourdomain.com) and subdomains (docs.yourdomain.com, support.yourdomain.com) secured.

      I hope this helps!
      Robert

  80. Kinga

    Hi,
    this is great. Thanks so much for taking time to explain it in great detail. I have one question – SSL only works when I type in my web domain name with ‘www.’ infront of it and when I type the name only without ‘www.’ it goes to insecure website. Is there a way to fix this?
    Thanks!

  81. Laurie

    Hi Robert,

    I was able to receive a SSL certificate for my website. However, the site is still not secure due to a mixed content warning. The index.php file in the theme’s folder shows 4 images with http instead of https. I deleted the 4 images but the URL still shows up in the index.php file. (All 4 .png images came with the wordpress Estore theme.) I also added the WordPress plugin “SSL Insecure Content Fixer” but that did not make any changes to the file. The mixed content is in the Footer section. Is it safe to make a change to the index.php file? Would it work if I added the correct code in the custom CSS section. Thank you.

    Laurie

    1. Robert

      Hi Laurie, yeah it should be okay to change the URLs in the php or css file. so just change them from http to https.

      Good job of getting this done despite all of the issues you are having. You are almost there!

      Robert

  82. Jade

    Hi Robert,

    Jade here. Your video and article are so amazing. But for me, I am struggling. Because I have a godaddy web hosting and I couldn’t get a free SSL to install it on my godaddy web hosting. I don’t have a cpanel web host, I used godaddy. I purchased a web hosting and got the free domain. How should I get a free SSL then? I hope you can help me solve this problem. I have been stressing out myself to find the answer. I just couldn’t follow your video, because it’s hosted into Cpanel. Please help me.

    Thanks.

    1. Robert

      Hi Jade,

      Thanks! Yeah, unfortunately for managed WP you can’t install let’s encrypt, but no worries, you can use Cloudflare to get the SSL.
      It’s free when you have a low amount of traffic, here is how you do it: https://www.youtube.com/watch?v=XxlbH5xMucQ

      Btw, most other web hosting companies provide SSL for free, so once your term is over with GoDaddy, it might be a good time to look around for other hosts. But obviously that’s up to you.

      Regards,
      Robert

  83. Shahzad Gulfam

    Hello I have a problem with my site when I upload those two key challenges and I click next for certificates It says “Some domains have failed verification.” Even I have properly uploaded them

  84. J M Das

    Hi Robert!

    It’s a great tutorial.

    I reached up to Step 14.There you mentioned about creation of two folders. .well-known and acme-challenge.
    Should I have the same name or I am free to chose my own name for the folders

    Thanks

  85. Deepika

    Hi, I am renewing my SSL certificate and when I click on the links to verify, it goes to a page not found on my website. However, when I add .txt to the end of the URL it goes to the correct page (the blank page with the string of numbers and letters). Do you know how I can fix this in order to continue to the next step?

  86. Quick Start

    Hi Robert, I have used zerossl.com many, many times with much success due to this tutorial. All of a sudden I’m running into an issue with one add-on domain whereby I’m receiving a 404 not found “nginx” error when I try to verify the two text files (new installation, not a certificate renew). I’ve tried uploading them with and without the .txt extension. I’ve already configured in MIME, tried adding a web.config file, edited and then deleted my .htaccess file, nothing seems to work! It’s quite strange since I have many other add-on domains with pretty much the exact same set up (same theme, plugins etc. on the same GoDaddy hosting account) and installing a certificate has been flawless. I’m really at a loss here! Any help would be great!

    P.S. I’d really really prefer to not use the Cloudfare solution. As all of my other add-on domains have worked on the same hosting account.

    Cheers.

  87. rich stevens

    hi robert thanks for the info i was so excited i found this BUT did it three diff times and get this when i click the link:
    Not Found
    The requested URL /.well-known/acme-challenge/dwMZWSMQzDs2LOTHedNVLpLlO4He1o-OhTNR0gL02Ls was not found on this server.

    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

Leave a Comment

Your email address will not be published. Required fields are marked *

*
*