Let’s Encrypt is a trusted, open source certificate authority that offers free SSL certificates for as many domains as you want – and now there are easy ways to integrate it with cPanel for one-click, automated certificate installation that takes mere seconds to complete.
Installing an SSL certificate with Let’s Encrypt is already fast, but if you own a hosting business, you’re a developer who manages clients’ sites, or you want an even faster solution, then there are three Let’s Encrypt plugins you can integrate into cPanel, including an official plugin by cPanel.
In this post, I’ll cover how to install each of the three Let’s Encrypt plugins for cPanel and how you can use them to install and renew free certificates in a few seconds.
To run any of the three plugins for cPanel there are a few prerequisites:
- You need cPanel installed with a valid license
- Root and SSH access to your server
- The basic requirements for using Let’s Encrypt:
- Unix-type OSes that include Python 2.6 or 2.7
- For the official cPanel plugin:
- cPanel and WHM versions 58.0.17 or above
- For the plugin found on GitHub, you need:
- A Centos five, six or seven server
- A static IP address if you have Centos five
- For the Let’s Encrypt for cPanel plugin, you need
- i386 or x86_64 CentOS 6 or 7 (5 is not supported)
- WHM 11.52 or higher (CloudLinux and LSWS compatible)
- Remote access key has been generated (/root/.accesshash)
If you don’t have a remote access key generated but want to use the Let’s Encrypt for cPanel plugin, log into WHM and go to Clusters > Remote Access Key and click theGenerate New Key button.
It may be important to note that the Let’s Encrypt for cPanel plugin is the only premium option on the list. It’s $30 and there’s a free trial available. If you would like to try it out before purchasing a license, you can install it with a trial license automatically.
If you decide to purchase a premium license after all, you can replace the trial licensee on your server with the premium license file. The details on this can be found on the Let’s Encrypt for cPanel Installation page.
Once you have all the server requirements for the plugin you want to use, you can go ahead and install it. Feel free to skip ahead to the one you want to install:
- Let’s Encrypt for cPanel Installation
- Free Let’s Encrypt cPanel GitHub Plugin
- Free Official cPanel Plugin
1. Let’s Encrypt for cPanel Installation
Installing the cPanel Plugin
Log into your SSH client at root level, then add the Let’s Encrypt repository with the following command:
|cd /etc/yum.repos.d/ && wget https://letsencrypt-for-cpanel.com/static/letsencrypt.repo|
Next, install the plugin for cPanel with line below and
|yum -y install letsencrypt-cpanel|
The installation process usually takes about a minute. If all goes well and the installation was successful, a test should run automatically.
If it renders similar messages as the example below, you’re good to go:
|[SELF-TEST] Can read config ………… SUCCESS.|
|[SELF-TEST] Can connect to daemon and check licence ………… SUCCESS.|
|[SELF-TEST] Can connect to Lets Encrypt ………… SUCCESS.|
|[SELF-TEST] Can talk to WHM API ………… SUCCESS.|
|[SELF-TEST] Can talk to plugin RPC ………… SUCCESS.|
You can log in to your cPanel account and install your first SSL certificate.
Installing a Certificate
Once you’re logged into cPanel, you should see a Let’s Encrypt for cPanel button under Security. Click on it to access your active domains list to install a certificate.
Toward the bottom of the page, you should see the Issue a new certificate section. You should see a list of all your active domains including variations of them with and without a www. prefix.
You can check multiple boxes to install more than one certificate at a time or click the Issue Single link beside the domain where you want your certificate installed.
If you check multiple boxes, click one of the Issue Multiple links at the top or bottom of the list.
Next, click the checkboxes next to the domains you don’t want to include if you selected multiple ones on the list on the previous page. Also select which domain you wish to be the primary one users are going to visit.
If you use one of the domains to access your email, also check the box labeled Install mail SMTPS/POP3S/IMAPS SSL certificate. Finally, click Issue to install your certificates.
The installation process takes about 10 seconds, but can take up to 45 seconds depending on how many certificates you have selected to issue. When the process has completed, you should see a message letting you know the installation was a success.
If something went wrong, try again. It usually works the second time around.
When you return to the main page, you should see your domains with certificates installed listed at the top of the page. You can click the Remove links to delete certificates one-by-one, or the Reinstall link to renew the certificates before the expiry date.