close
Breaking news

YouTube users’ ads secretly mine cryptocurrencies from user’s computer T...read more

Install SSL Certificate to you domain hosted on shared hosting server

Install SSL Certificate to you domain hosted on shared hosting server

SSL Certificate provides an extra security layer to your website. It provides secure and encrypted communications between websites and user’s internet browser. SSL stands for Secure Socket Layer. SSL Certificate is must have when your website deals with users sensitive data, for example, users name, email id, credit/debit card details etc.

SSL Certificates are provided by trusted Certificate Authority (CA) and there are some trusted open CA who provides SSL Certificate for domains for free. Usually, they provide SSL Certificate that you have to renew every 90 days in order to maintain the authenticity of your website.

Although open CA’s are free you have to process some complex steps to obtain and install SSL certificate to your domain. These steps are essential in order to prove the ownership of your server and website.

One of the most popular open CA is Let’s Encrypt and we are using that CA for our SSL certificates and I’ll show the steps for obtaining SSL Certificate from that CA.

If you are an owner of a dedicated server and you have sudo privileges in shell access then there’s another way and relatively less manual steps for install SSL Certificate to your domain. I will post that process also on my next blog.

But if your server hosted on shared hosting server then you may not have sudo access and you have to follow below steps to get SSL Certificate for your domain

prerequisite

Before begins make sure you have

  • CPanel Access to your server
  • Shell access to your server

Nowadays Shell access is generally given to users with their panel access.

if you have hosting in BigRock or Hostgator then follow below steps for Shell access. For other providers follow the documentation or contact with the support.

for Linux user:

Run the below command

ssh -l user remote-server

where user is your cpanel user id and remote-server is your server’s IP address or your domain name.

enter Cpanel password for when prompted.

for windows user:

Open Putty and enter the Remote Host Name or IP Address.

Click Open and enter the cPanel username and password.

Above was sh access that you will be required in below steps.

Go to https://gethttpsforfree.com/

This tool/website will take you through the manual steps to get your free https certificate so you can make your own website use https!

Now enter email id associated with your domain.

Enter your account public key

if you have a key pair in your server, use it else follow below steps

  • Login to sh access
  • Generate an account private key if you don’t have one running below command:
    openssl genrsa 4096 > account.key
  • Print your public key:
    openssl rsa -in account.key -pubout
  • Copy and paste the public key into the box
  • Click on validate account info

Now Step 2 Certificate Signing Request

for this step, you have to login into your cpanel and follow below step to generate CSR

  • Go to SSL/TSL under Security section
  • Click on “Generate, view, or delete SSL certificate signing requests” below Certificate Signing Requests (CSR)
  • enter domains, city, state, country, company (enter domain without extension (.com, .in) if you don’t have company name) email passphrase (optional)
  • Click on generate
  • After that will get Encode CSR
  • Paste that into the below box
  • Click on validate CSR

Step 3 Sign API Request

to do this:

  • login to sh access (you may already have)
  • run the first signature commands
  • copy the output and paste into the below box
  • repeat above two step for 2nd and 3rd signature commands
  • Click on Validate Signature

Step 4 Verify Ownership

As you have no sudo access so given option 1 will not work for you. In option 2, basically, you have to serve a file at a specific URL under your domain.

  • you can do this by either from the terminal or from the file manager
  • in both cases go to your domains root folder and make folder and subfolder and a file to make the URL when you have to serve the content.
    generally, the file structure would be domain root >> .well-known >> acme-challenge >> file with unique code name
  • edit the file and enter the value written in Server this content box
  • copy and paste the URL from under this URL box and paste into your browser in order to validate that content is served or not.
  • Click on I’m serving this file on <yourdomainname>

At this step, you might get an error message and asked to repeat from step 1. I don’t know why this happens but it happened with me both time when I went to install SSL.

But you don’t need to panic! you have not repeat every step from the beginning.

Just go to step 1 and click on the buttons of every step. You may do the step 3 completely as the value of signature command goes blank but for rest just click on the buttons.

Final Step: Install Certificate

Now you’ll get the Signed Certificate.

  • Copy that certificate
  • go to SSL/TSL under security from cpanel
  • click on “Manage SSL sites” under Install and Manage SSL for your site (HTTPS)
  • Select your domain (if it’s not selected)
  • Paste certificate into Certificate box
  • Click on autofill (it will fill the private key and CABUNDLE (if applicable))
  • Click on install certificate

That’s it! Your website now successfully move to SSL. To validate SSL certificate go to the website from where you copy the certificate and click on Test my install.

This will test your SSL Certificate and gave the rank of the certificate.

After successfully install SSL Certificate you may want to redirect your users and traffic from HTTP to HTTPS. To do that:

  • go to your domain root directory
  • open .htaccess file (if you not able find that file in file manager then you have enabled hidden files from settings)
  • add this code at the beginning of the file
    RewriteEngine On
    RewriteCond %{HTTP_HOST} ^abcd\.com [NC]
    RewriteCond %{SERVER_PORT} 80
    RewriteRule ^(.*)$ https://www.xyz.com/$1 [R,L]
  • if RewriteEngine On already there the don’t need to paste that line again
  • save .htaccess

That’s all now all traffic on your website will redirect on https only.

Point to be noted:

  • This process will install SSL Certificate from Let’s Encrypt
  • you may face the issue on step 4 while creating the folder named .well-known after created it may not visible if so, then go to setting from right upper and check on show hidden files.
  • whenever you face any doubt in the website https://gethttpsforfree.com/ click on (how do I generate this?) and follow instruction.
  • It will be easier if you follow steps for creating folders from the terminal. Instructions are given under (how do I generate this?)
  • If you have any issue by following above steps just contact me by the comment on this post or by other communications. You can find my contact details on my website.

 

Tags: , , , ,

No Comments

Leave a reply

Post your comment
Enter your name
Your e-mail address

Story Page