Hello Internet People!
In this article, you will learn how to install Let’s Encrypt in GoDaddy with a free SSL Certificate Generator. I’m using Godaddy, but this should work on HostGator or any other hosting provider that has cPanel.
In addition, I will show you how to always redirect users from HTTP to HTTPS using just a few lines of code.
No coding skills required!
CONTENTS
Let’s Encrypt is a free SSL certificate provider and verifier. It is becoming popular among small website owners, and even NASA is using it for some of its smaller sites (3000 different sites). So you are in safe hands using them.
Now the only con of let Let’s Encrypt is that you need to renew it every 90 days.
UPDATED: I did this for few years, but I got tired of the hassle every 3 months, so now I use a paid SSL that I bought 9$. Here is an article about how you can install external SSL in GoDaddy.
There is a way to set up Certbot to renew the SSL certificate automatically, but this requires knowledge of shell/terminal and might be too hard for beginners to grasp. So I want to cover it in this article.
This tutorial is for people who want to get a free SSL certificate for GoDaddy, this will work on shared web hosting and we will use an online tool that I created.
In my examples, I will be using letsencrypt on GoDaddy shared hosting, but it will work on most other hosting providers too. (2020 Update: no more Zerossl or sslforfree as they changed to paid service).
Hot Tip! If you want to include your sub-domains then use a wildcard SSL. In the domain field, just add following: *.yourdomain.com, yourdomain.com
Note the star (*), it’s important.
Learn more about wildcard SSL installation.
Hot Tip! If you are doing this for an addon domain, then just go to the root of that domain. So where ever your index.html or index.php for that domain is.
mydomain.com/.well-known/acme-challenge
Please note: You can just delete the .txt files you put in the /.well-known/acme-challenge once you are done, but keep the folders. You will need them in 90 days again.
If the file .well-known does not show after making it. Just do the following, click on the “settings” button in the top right corner of the file manager. In the pop-up select “show all hidden files”.
If you are having issues with finding the root directory.
Jobb added a comment with a better explanation:
The first time you use File Manager in GoDaddy, it defaults to the “home” directory, which I found out is NOT the same as the “root” directory. Installing .well-known/acme-challenge in the home directory does not work.
In the screenshot above, it shows domainname.com/.well-known/acme-challenge as the path, but again that’s misleading for shared domains. There is an /etc/domainname.com folder, but if you put .well-known/acme-challenge underneath that folder, it also does not work.
With a little digging, I discovered that GoDaddy considers the /public_html folder the “root” folder, so you want to create the subfolders in there so it looks like /public_html/.well-known/acme-challenge. THAT path finally worked.
As we downloaded two text files in step 8 , but the files weren’t really ‘text’ files but simply files with no extension. That is why it was not validating the keys. Just rename the files so that they have the .txt extension. That worked for me.
var ml_account = ml('accounts', '2865109', 'r8a2n9b7d6', 'load');
On GoDaddy, the redirection from http to HTTPS is easily achieved by adding a bit of code into .htaccess (Hypertext Access) file.
We will tell our Apache-based webserver to change all URLs with http:// to https://. Sound complicate but it isn’t. Just stick with it 🙂
This happens before any code of your site is run.
Always redirect from HTTP to https:
Hot Tip! If you can’t see .htaccess file it might be hidden. Here is how to unhide .htacess file.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
4. Test that this worked by typing http://mydomain.com it should change to https://mydomain.com
You are done!
Remember to update the SSL certificate every 90 days, you can just set a reminder in the google calendar and it takes me about 10 minutes to renew the SSL certificate.
Since your site is secure now, why not speed it up, so it’s lightning-fast…
Here is a video of the renewal steps (old video):
Unfortunately, there is no way to renew letsencrypt automatically unless you know how to use the terminal/shell and you have full access to your server. In that case, you can use CertBot and cron job to update automatically your SSL certificate.
If you are on GoDaddy’s shared hosting, using cPanel, Plesk, or WordPress, CertBot is not an option.
Let’s Encrypt renewal is easy, and you will need CSR, domain Key & account key. If you don’t have these, you have to request a new certificate from scratch, so scroll up to the beginning of this tutorial, or for you lazy peeps click here to go up.
That said, it’s easy to renew Let’s Encrypt, and you can do it in 2-3 minutes using the SSL generator. I just have a calendar reminder every 87 days and then I renew the free SSL certificate on GoDaddy.
Update: I now use a paid SSL that I got for about $9 because I got tired of renewing the certificates. Read more about how you can install a cheap SSL in GoDaddy.
Now I get it, it doesn’t always work out, and sometimes you might have some issues with the installation. Below is a collection of the most common problems.
For anyone who is trying to set up with a subdomain ( ex blog.mysite.com, shop.mysite.com). You can do it by using a wildcard SSL certificate, luckily Let’s Encrypt supports this.
In SSL Generator, in the domains field type: *.yourDomain.com, yourdomain.com
Please note the star (*) is super important to include. It tells letsencrypt that you want to include all your subdomains. And if you are using a so-called “naked domain” (so without www), then you need to type that there too.
And make sure you select DNS, instead of HTTP.
Then just follow the steps in this video:
Are you getting a “mixed content on HTTPS” warning after installing the SSL certificate? Does the browser tell you that SSL is not secure?
In most cases, the mixed content error is easy to fix. The most important step is to identify where the issues are with Chrome’s inspector and then it’s easy to update. This tutorial will show you a quick way to make sure you don’t get HTTPS not secure warnings
Summary of steps:
1. Inspect your website (right-click anywhere on the site, select “Inspect Element” and find the “Console” tab).
2. Determine why do you have mixed content warnings.
3. Update the images, URLs, etc.
Blocked by mixed content on WordPress after installing SSL certificate? You must be asking why is there no padlock?
In most cases, the mixed content error is easy to fix. The most important step is to identify where the issues are with Chrome’s inspector and then it’s easy to update. The video tutorial is captured in Chrome. However, you can use Firefox, Safari, or Edge as well.
Summary of steps:
1. Update WordPress settings with HTTPS.
2. Check images & video URLs.
3. Add http to HTTPS redirections.
4. Updated plugin code.
The trick to getting this to work with Plesk is to fill out the online form on GoDaddy under “Secure Your Site” and let GoDaddy create the Certificate Request (CSR). In this article, for cPanel you are having an SSL generator to create that.
That won’t work for the Plesk Shared Hosting on Windows with GoDaddy because GoDaddy didn’t recognize the certificate.
So, have GoDaddy create that request, copy it, and PASTE that into the SSL Generator (at the bottom of the page there is a checkbox if you have your own CSR). Then the SSL Generator will generate a certificate in the left panel that Plesk recognizes. It took two days to figure that out, but once I did, the site was secure within five minutes.
I’ve heard that if you choose “DNS verification”, follow the instructions exactly and input it on your GoDaddy cPanel. (Note! I haven’t tried this, so I’m not sure this works. However, some users have recommended this.)
In case you want to give it a try in ZeroSSL then follow the below instructions.
Anyone with 404 in the verification, insert the expression “text/plain .” in the MIME of the server (inside the MIME text box), to open files without extension.
You can configure MIME in “Internet Server Settings”, and remember to put the “.” at the end of the expression.
I was getting a 404 error when checking to make sure the 2 files are correctly connected.
My server is from GoDaddy, and I was not configured in MIME for my server to read files without extension.
This MIME configuration causes your server to read files without extension as if it were a .txt file.
I was getting a 404 error when checking to make sure the two files are correctly connected. My server is from GoDaddy, and I was not configured in MIME for my server to read files without extension. This MIME configuration causes your server to read files without extension as if it were a .txt file.
Credit to Carlos Fonsec who provided the answer.
If you are getting “Unexpected error[ Code: 400 ] [ Status: Unable to update challenge :: The challenge is not pending. ]” in zerossl.com when you click the NEXT button, then try the following:
Try using the DNS options. I added a CNAME for “www”. You should see both text values returned when clicking the link. “Your certificate is ready!”
Credits to Matthew Upp for the solution.
Unfortunately, GoDaddy doesn’t support 3rd party SSL with managed WordPress.
What you can do is install CloudFlare which comes with HTTPS. Here is my tutorial about how to install Cloudflare SSL in WordPress.
Otherwise, you can do what Colby did. You need to move from managed WordPress to Economy Linux Hosting with cPanel then transfer your website over (I used the plugin Duplicator basic) and then you can follow this tutorial it worked great for me!
Thanks to Colby Hearn for the answer.
So you might get this message: “You must use an IP address that is on the server. “xxx.xxx.xxx.xxx” is not bound”, while installing an SSL certificate on GoDaddy with Zerossl.
I haven’t encountered this issue myself but here is how Roberto Villegas resolved it.
“I waited two days, and when i tried again. The SSL get installed with no issues, it appears godaddy have an problem with cpanel, at least it’s what they told me that when i called the first time.”
Another reader called Danny resolved it like this and left a comment in the comments below:
“I got the same error when I tried to add an SSL certificate to a domain that had no published content yet (i.e. no index.html or index.php, just an empty folder, except for a few hidden files & empty cgi_bin folder). Guess you need to have some actual content to secure, before you can secure it. Hope that helps somebody.”
Steve left his solution in the comments below:
“I had a problem during installation that others might encounter as well. After I got all of my SSL keys and pasted them into the text boxes under the SSL manager in cPanel, it told me that my IP address was “not bound”.
After a bit of searching I found that you sometimes have to make a very minor change to your DNS settings in order to install your certificate.
If you’re having this problem, log in to GoDaddy, and click on your name up top, and go to “My Products”. Under “Domains”, click on the “DNS” button to the right of the domain name you want to install the SSL certificate for.
In the list of DNS items, one should say “A @ [Your IP Address] 10800 seconds”. Mine was set at 10800, anyway. Click the little pencil icon to the right and edit your settings. Change the time to 600 seconds instead.
This fixed mine right away! I was able to install my SSL certificate and my site automatically redirects to HTTPS.”
Also, Juan had a similar issue, he solved it with:
“Today I had a problem after full filling the SSL Certificate renewal: “IP is not bound”.
Problem is caused by old installed certificates, don´t know why… Just uninstall the SSL Website under SSL/TLS. This action will not delete files in /.well-kown/acme-challenge/ obtained and uploaded from http://www.zerossl.com.
Then repeat steps 26 to 28 herein at the tutorial and there you go! If it is a renewal use the green “autofill by certificate” button to fill the private key and then “install Certificate” at the bottom.
This worked for me, hopefully to everyone else.”
What to do if you don’t have the “SSL/TLS” in your GoDaddy menu. And you only see “SSL Certificates” which means it’s a paid SSL Certificate.
This limitation seems to be on different types of web hosting Economy & Deluxe Web Hosting Linux. It seems to appear for users in different countries (US & UK) too.
The only explanation for this I found was this Godaddy Forum post. This tells that if you have Classic or web hosting that was bought some years ago, they might not have a way to install an external SSL certificate.
A workaround would be to use a CDN like Cloudflare which comes with it. It’s free until a certain limit of traffic, so if you have a low traffic site this might work for you.
Cloudflare is CDN, not hosting. Thus, you would still stay on GoDaddy. But Cloudflare would act as a layer in front of your hosting. Here is a video of how to install Cloudflare on WordPress.
So you’ve followed the instructions in this tutorial, and after installing the certificate in GoDaddy’s cPanel, you get three green checkmarks (step 27 above).
But when you go to your site it still gives an error similar to “Your connection is not private” or “Your connection is not secure “.
Thomas was able to resolve this bizarre issue the following way:
“GoDaddy didn’t know nor believe what i thought until I proved it. The presence of McAfee Trusted Advisor prevented the certificate from being seen.
In every way, as we earlier determined, it was valid and installed properly and even GoDaddy verified it. As soon as I unpublished it, https works. Hope this helps your work and knowledge base.”
So there is a chance that your SSL is blocked by other software such as McAffee.
After some struggles, Shaun was able to resolve this issue and he posted his solution in the comments below. Thanks Shaun!
Description of Problem:
I had no issues until I got to the redirect phase from http to https://. Prior to creating and modifying the .htaccess file, I checked my site and could access it through the insecure http:// and the secure https:// without issue.
So, I created the .htaccess file and copied and pasted the suggested code above:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
The result was an error code:
“Forbidden You don’t have permission to access / on this server. Server unable to read htaccess file, denying access to be safe”
Before re-installing my site, I deleted the file to a blank one, played with other codes, contacted GoDaddy and the error code would not go away.
The solution on re-install was the following code (where replace domain is your domain name:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^replacedomain\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.replacedomain.com/$1 [R,L]
It worked. I don’t know why… at all. But, hoping the knowledge helps others.
If your server is running on the Windows server with IIS then you might not be able to server the file without an extension.
Andrew mentioned below in comments, that he found a solution on StackOverflow. Essentially you will need to create a new web.config file in that directory and enter some custom code. Grab the code from the StackOverflow post.
If you get an error in ZeroSSL: “zerossl failed to retrieve resource directory”. This is actually an issue with Let’s Encrypt and it should be solved now. This was spotted in the Let’s Encrypt community post.
As per Let’s Encrypt engineer:
“We had unit tests for the CORS header behavior but because the problem was at the level of the web front end process’ configuration and unit tests are performed at a lower layer the regression was missed.”
Below are the most frequently asked questions that I’ve gathered from the comments and from my YouTube channel. I hope they clarify some of the questions you have about Let’s Encrypt and GoDaddy.
GoDaddy doesn’t offer a free SSL Certificate, but luckily you can install a free SSL using let’s encrypt free SSL. This will work if you are using shared web hosting. Just scroll to the top of this article to where I show you how to do this.
If you use GoDaddy’s shared hosting, then you cannot use Let’s Encrypt, instead, you can use CloudFlare’s free SSL. Learn how to install Cloudflare.
When installing an SSL you have few options. GoDaddy’s SSL certificate costs $63.99 and up. This means for many this is too much for a service that other web hosting providers include for free.
This means you have 2 good alternatives:
Below is a table that compares the GoDaddy to Let’s Encrypt and Namecheap, in terms of price and how many days the certificate is valid.
| GoDaddy | Let’s Encrypt | NameCheap | |
| Price / Year | $63.99 / Year | Free | $8.88 / Year |
| Days valid | 365 days | 90 days | 365 days |
If you are thinking of buying a GoDaddy WildCard SSL Certificate then be aware that there is a free and cheaper option.
Wildcard SSL Certificate is able to cover all your subdomains, so this is useful if you have many of them. If you only have 1-2 subdomains then it’s probably cheaper to just get a single one for each.
Your Wildcard SSL Certificate alternatives for GoDaddy are:
| GoDaddy | Let’s Encrypt | NameCheap | |
| Price / Year | $295.99 / Year | Free | $71.95 / Year |
| Days valid | 365 days | 90 days | 365 days |
Noup, there is no way for you to try the SSL certificate on GoDaddy before you buy it. But to be honest, no-one else gives free trials either. It’s pretty straightforward to get started with SSL, and there is nothing to trial. They are all the same.
However, you can check your alternatives for a cheaper & free SSL certificate that you can install on Godaddy, just click here.
Actually, you can’t install an SSL Certificate to a GoDaddy domain. Because the certificate is installed to the web hosting and not the domain. So if you have a domain from GoDaddy, but your web hosting is with another web host.
Then you need to install the SSL certificate on the other web host because the SSL encrypts the communication between your server (web hosting) and your website visitor.
Sslforfree and ZeroSSL are just online tools that enable you to easily create an SSL certificate for your website for free. I find it easy to use and mostly it works without problems and as you can see above, I’ve created a tutorial on how to use Sslforfree and ZeroSSL (old tutorial) to secure your GoDaddy website.
There are other tools like ZeroSSL, which can do exactly the same for example sslforfree.
Essentially they just enable you to go through the certification creation process without knowing any coding. The tool was created by Alexander Yezhov as a side project and I don’t think he gets any money for this. So big thanks to him!
Unfortunately, there is no free SSL certificate for 1 year. The best you can get is Let’s Encrypt which is valid for 90 days. Just scroll to the top of this article and I’ll show you how to install it in cPanel.
View Comments
during the verification it does not find my domain which is registered on co.in
at what step it doesn't approve? the domain name shouldn't effect it, as far as I know.
Fantastic tutorial! Thank you!
You are welcome J! SSL secures your site nicely
works like a charm!!! thnx a million :D
You are welcome Roger, happy it worked for you! Just remember it expires in 90 days, I just put calendar reminders
I get a 404 error when trying to verify. I have wordpress installed on my host, and I think it is stopping me from accessing files on my public home. I am unable to browse any files in my directory. Is there a way to get around this?
Hey Danny, this usually works with Wordpress. Are you on MIME? Some users on my YouTube channel had similar issues.
I'm not that familiar with MIME.
Here is the video: https://youtu.be/GPcznB74GPs
I took this from youtube Carlos Andre Fonsec comment:
Anyone with 404 in the verification, insert the expression "text/plain ." in the MIME of the server, to open files without extension.
I was getting a 404 error when checking to make sure the 2 files are correctly connected.
My server is from godaddy, and I was not configured in MIME for my server to read files without extension.
This MIME configuration causes your server to read files without extension as if it were a txt.
hello robert i don't have cpanel. any solution to install free ssl for this . thank you. i am using godaddy wordpress hosting.
Hi Rajesh, unfortunately from what I know, it's not possible. Do you have access to your DNS settings for your domain? If so you could try to install cloudflare which will add HTTPS to your site. Here is a video: https://www.youtube.com/watch?v=vOJiJUpy_Mo
Great Work...
Thanks Vishesh, I hope this was useful!
Hi, great tutorial, I followed it exactly and it worked great. Since then i have changed a few page names and added a few pages, now those pages show "not secure" in microsoft edge an chrome? Do i need to re-do the ssl process after changing page names and adding pages? Thanks
HI Marc, no need to redo the SSL when adding new pages. What kind of error are you getting? is it yellow padlock or exclamation mark? You might have mixed content error. If this is the case check this: http://punchsalad.com/ssl-certificate/install-lets-encrypt-godaddy/#chapter4b
I hope this helps.
Ok, Thanks!! it's exclamation point, mixed content warnings. I followed the video and looks fixable, i see the new images that caused it.. Also, in your video you changed the wordpress address to https:// ~ I have tried this twice and i get kicked out of wordpress completely and have to get go-daddy to reset it so i can get back in. So right now it shows http:// in both places (wordpress) but i'm secure except for the images i added that need to be fixed.
I was about to buy SSL for my site and I searched for a free alternative. Then I came across this article and it worked!
Awesome tutorial! Thanks a bunch!
You are welcome, yeah the only downside with the free one is that you have to do it every 90 days, but it only takes 10mins once you know what you are doing. Cheerio!
""" There is a way to setup certbot to renew the SSL certificate automatically, but this requires knowledge of shell/terminal """
I didn't see how to do this in the guide. Is there an article that covers the steps for this?
Hello Hunter, yes there is away, I haven't done it myself. Here is a video to get you started: https://www.youtube.com/watch?v=tNXvQzAIflQ
I hope this helps