If you want to do this, the only hassle is that you have to redo it every 3 months. So if you’re willing to do that, you will never have to pay for another SSL certificate for your website.
Here it is the secret in easy steps. Bookmark this page.
Go to zerossl.com
Click “Online Tools”
You will go to a page that says: FREE SSL Certificate Wizard. Click on the START button in the top section. See below.
This brings you to the following screen.
In this case we will ignore the left half of the screen. Type your domain name on the right side. Use both yourdomain.com separated by a comma and a space with www.yourdomain.com as indicated above.
On the bottom right there are two boxes, click them both. Then click NEXT.
This will now “Generate your CSR”. Just wait until it completes. It takes a minute.
Then you come to this screen below.
Here you download a copy of your SSL request and click next. Your account key will then be generated. This also takes a minute. Just wait until it’s done.
Then download your two keys. Once that’s done, do not close this page. You will still need it. Open a new tab and go to your cPanel. In my case I use GoDaddy.com, but whatever provider you use, the cPanel setup will be basically the same.
Inside your cPanel, open your File Manager.
- Find a folder called public_html and navigate into it.
- Inside public_html create a folder called .well-known [the dot in the beginning is important]
- Navigate into .well-known and create another folder called acme-challenge
- Navigate into that folder and then upload the two files you downloaded from zerossl.com. They will look something like this:
Once these files are uploaded with your cPanel, navigate back to your cPanel main page and scroll down until you see “Security”. Under that section click on SSL/TLS.
Then click on the last item below. It’s under Install and Manage SSL for your site (HTTPS) and it’s called Manage SSL sites.
Then you come to a page called “Manage Installed SSL Websites”. You must find your website for your certificate.
Then click on Update Certificate. This will bring you to a page with three boxes. You will paste information into these three boxes that you still have on your open zerossl.com page.
Information from the right hand side of the zerossl.com page is actually two keys. Copy that and paste it into the top box of your cPanel Manage SSL page. It will say it’s an invalid certificate because you have two certificates. You have to find the middle part and cut and remove it out, then paste that into the bottom (not the middle) of the Manage SSL page. Then you go back to the zerossl.com page and copy the information from the left side of the screen and paste it into the middle box of your Manage SSL page.
That’s it.
