How to Install Free SSL From Let’s Encrypt on Shared Hosting
access_time
hourglass_empty
person_outline

How to Install Free SSL From Let’s Encrypt on Shared Hosting

Let’s Encrypt introduced free SSL certificates quite some time ago. It made possible for website owners to offer encrypted HTTPS connection for their visitors totally free of charge. Before Let’s Encrypt, the only way to get a valid SSL certificate was to purchase it from a seller.

Update: 

Tutorial Status: Deprecated

Hostinger, now offers cheap SSL certificates for a lifetime. It’s worth to check this offer, if you are serious about the protection of your website and don’t want to deal with tricky SSL installation and setup.

Let’s Encrypt SSL certificate can be installed with just a few lines of code on a VPS or dedicated server, however, installation on shared hosting accounts is still a bit complicated (unless it uses cPanel).

Hostinger doesn’t yet have an auto-installer for Let’s Encrypt SSL certificates (we are working on this), but there is a workaround – it can be installed manually using ACME client written in PHP and composer.

This tutorial shows how to install free SSL from Let’s Encrypt on Hostinger shared hosting.

What you’ll need

Before you begin this guide you’ll need the following:

  • Hostinger Premium or Business account.
  • SSH client.

Step 1 – Enabling SSH Access

SSH access is required in order to install SSL on shared Hostinger account. By default it’s disabled, but you can easily enable it by following these steps:

  1. Access Hostinger control panel and navigate to SSH section.
    Hostinger SSH Section
  2. Click on Disabled to change status to Enabled. Hit Update button.
    Hostinger Enable SSH
  3. The page will refresh and you should see information required to connect via SSH. Write it down as you will need it in the next step.
    Hostinger SSH Information

Step 2 – Installing ACME client and Composer

We will use ACME client written in PHP and composer to generate Let’s Encrypt SSL certificate.

First of all, you will have to connect to your hosting account via SSH and download all required components. If you are running macOS or Linux, you can use terminal to connect via SSH, Windows users can take advantage of Putty SSH client.

  1. Connect to your hosting account using SSH information from Step 1.3. In our example, it would be:
    ssh x123011738@31.170.164.22 -p 65002
  2. Clone acme client from github repository. Cloning can be done by executing the following command:
    git clone https://github.com/kelunik/acme-client
  3. Access ACME client directory:
    cd acme-client
  4. Download and install the composer:
    php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"; 
    php composer-setup.php;
    php -r "unlink('composer-setup.php');";
    php composer.phar install --no-dev

Step 3 – Generating SSL Certificate

Once you have downloaded and installed ACME client and composer, you can proceed and generate free SSL from Lets Encrypt. Firstly, register an account by running this command:

php bin/acme setup --server letsencrypt --email your@email.com

Note that you need to change your@email.com to your actual email.

The process of generating SSL certificate is pretty straightforward. Execute the following command:

php bin/acme issue --domains yourdomain.com:www.youdomain.com --path /home/x123011738/public_html:/home/x123011738/public_html --server letsencrypt

Change yourdomain.com to your real domain name and x123011738 to your actual username (you can check it on Step 1.3).

If certificate was issued successfully, you will see the following message:

Requesting certificate ...
Successfully issued certificate.
See /home/x123011738/acme-client/data/certs/acme-v01.api.letsencrypt.org.directory/yourdomain.com

ACME client generated certificate and private key files. Unfortunately, installation cannot be done via SSH due to security restrictions. Therefore, you first need to manually copy certificate and private key files to your computer. It can be done using simple copy / paste method. Firstly navigate to the directory where private key and certificate files are stored:

cd /home/x123011738/acme-client/data/certs/acme-v01.api.letsencrypt.org.directory/yourdomain.com

Use cat command to see contents of fullchain.pem file:

cat fullchain.pem

Copy the part marked in red and save it in a text file on your computer. Name the text file certificate.txt.

Let's Encrypt Certificate Copy

Now do the same with private key:

cat key.pem

Copy the private key (as shown in the screenshot) and save it in a text file as well. Name it privatekey.txt.

Let's Encrypt Key Copy

The hardest part is over. You can now proceed with the installation of SSL certificate.

Step 3 – Installing Certificate via Hostinger members area

At this step you should already have certificate and private key saved in txt files on your computer. The final step is to install SSL certificate on your hosting account. It can be done via SSL section:

  1. Access Hostinger members area and navigate to SSL section.
    Hostinger SSL Section
  2. Select the domain from the drop down menu for which you want to install SSL certificate.
  3. Paste contents from certificate.txt to Certificate:(CRT) and contents from privatekey.txt to Private Key:(KEY) fields. Press Install button once you are done.
    Installing SSL via SSL Section
  4. Once the installation is complete, you will see a success message.
    SSL Install Success

That’s it, you have successfully installed free SSL from Let’s Encrypt on shared hosting account. Your domain name will now work via HTTPS protocol.

Step 4 – Checking expiration date and renewing SSL certificate

Let’s Encrypt SSL certificates are set to expire every 90 days. You can check its expiration date via SSH using the following command:

php acme-client/bin/acme check --name yourdomain.com --server letsencrypt

You can also try to automatically renew Let’s Encrypt SSL certificate with a cron job. For example, in order to automatically renew SSL certificate, you can set cron job to run the following command every other month:

php acme-client/bin/acme issue --domains yourdomain.com:www.yourdomain.com --path /home/x123011738/public_html:/home/x123011738/public_html --server letsencrypt

On Hostinger, cron jobs can be created on Advanced Cron Jobs section. You can use the following settings:Cron Job to Renew Let's Encrypt on Shared Hosting

 

  • Common Option(s) – Once a month (0 0 1 * *)
  • Minute(s) – :00 top of the hour (0)
  • Hour(s) – 12 a.m. Midnight (0)
  • Day(s) – 1st (1)
  • Month(s) – Every other month (*/2)
  • Weekday(s) – Every weekday (*)

Conclusion

Let’s Encrypt SSL certificates are great if you want to run your websites on HTTPS but don’t want to invest any money. This tutorial intended to show you a workaround you can use to install free SSL from Let’s Encrypt on shared hosting account.

The Author

Author

Domantas G. / @domantas

Domantas leads the content and SEO teams forward with fresh ideas and out of the box approaches. Armed with extensive SEO and marketing knowledge, he aims to spread the word of Hostinger to every corner of the world. During his free time, Domantas likes to hone his web development skills and travel to exotic places.

Related tutorials

Author

Eyzi Reply

April 13, 2017

Thank you for this awesome guide. It was very helpful. I was just wondering if there’s a way to create a certificate for subdomains of my website as well, or do I have to create a separate certificate for each?

    Author

    domantas

    Replied on April 13, 2017

    I am glad this tutorial helped you. If you want to use let’s encrypt on subdomains, you will have to install a different certificate for each subdomain. This means that you will have to repeat installation process for each subdomain.

      Author

      froberto

      Replied on September 13, 2017

      Can you help me? What is the command to use with subdomain? Thank you

        Author

        Andre

        Replied on March 28, 2019

        I guess it will be the same, just change the 'domain.com' to 'sub.domain.com'

Author

Emily Reply

April 13, 2017

Thanks for free ssl!

    Author

    malik

    Replied on April 13, 2017

    bonjour tout le monde! quelqu’un peut-il m’aider pour installé SSL Gratuitement

Author

hackerrahul Reply

April 13, 2017

I have installed ssl on my primary domain which is hackerrahul.com but when i installed it on my subdomain blog.hackerrahul.com , the tiny lock in the url bar is not coming and when i click over there it is saying that connection is not private. please tell me whats is that. thanks

    Author

    domantas

    Replied on April 13, 2017

    Have you tried to clear you browser cache? I just checked and blog.hackerrahul.com displays a green pad lock for me which means connection is encrypted on your blog subdomain.

Author

Will Procter Reply

April 13, 2017

Brilliant Guide! Thank you so much for this, it took a couple of goes, and it may need updating as I got a couple of errors, but it worked fine overall. Any ideas on creating an automated version, maybe with a cron trigger? I say this as letsencrypt only lasts 90 days, and they advise to configure scripting to do this for you?

    Author

    domantas

    Replied on April 13, 2017

    We are glad it helped. You can use cron job to renew Let’s Encrypt SSL every 90 days. For example: php acme-client/bin/acme issue --domains yourdomain.com:www.yourdomain.com --path /home/x123011738/public_html:/home/x123011738/public_html --server letsencrypt would renew the certificate automatically.

      Author

      Hampus Härling

      Replied on June 07, 2017

      When i run php acme-client/bin/acme issue –domains yourdomain.com:www.yourdomain.com –path /home/x123011738/public_html:/home/x123011738/public_html –server letsencrypt It says Could not open input file: acme-client/bin/acme

        Author

        Linas Jusys

        Replied on August 01, 2017

        Probably try giving absolute path to acme-client, or launch it from its bin directory. Then as well have you changed yourdomain.com:www.yourdomain.com to you personal domain accordingly? As well is this: /home/x123011738/public_html your website path? Use pwd command to check your absolute path.

Author

Audun Hilden Reply

April 13, 2017

Hey, this thing: Connect to your hosting account using SSH information from Step 1.3. In our example, it would be: ssh x123011738@31.170.164.22 -p 65002. I connect to that, just chaning my IP.: ssh x123011738@MYIP -p 65002. And it gives a password, but it says its wrong even though its not?

    Author

    domantas

    Replied on April 13, 2017

    Have you changed your username as well? First part (bolded) should be changed as well x123011738@31.170.164.22

      Author

      Mikhail Thomson

      Replied on April 26, 2017

      What should I specify in place of x123011738!?

        Author

        Linas Jusys

        Replied on August 01, 2017

        This should be your hostinger account user id. Use comment named: pwd to check your absolute path on linux.

Author

Zigurd Reply

April 13, 2017

Great topic! I have a question - is it possible to use free SSL for subdomains if I use CLOUDFLARE, my subdomain is added via A record? ssh shows me php issue 203 and notice: couldn’t resolve the following domains to an IPv4 nor IPv6 record…. anybody now how to fix it?

    Author

    domantas

    Replied on April 13, 2017

    Hey, It’s not possible to use Let’s Encrypt with CloudFlare because of server configuration. You get 203 and notice: couldn’t resolve the following domains to an IPv4 nor IPv6 record because domain name is not pointing directly to Hostinger’s IP address. Solution would be to turn off CloudFlare and point it directly, or use free SSL from CloudFlare: https://www.cloudflare.com/ssl/

Author

Nicolas Reply

April 13, 2017

Thank you for this useful guide. Works like a charm for me. Just a question, after renewing Let’s Encrypt SSL, is there a way to automate the installation of the new certificate on the web server? Thanks.

    Author

    domantas

    Replied on April 13, 2017

    Hey Nicolas, Unfortunately, it’s not yet possible to automate the installation process. However, in a few months Hostinger will completely automate free Let’s Encrypt SSL installation and renewal process :)

      Author

      raz

      Replied on June 28, 2019

      Hello the guide says it's now deprecated, is it true? no more let's encrypt certs?

        Author

        Domantas G.

        Replied on September 24, 2019

        Hey Raz, Yes, that's correct.

Author

1000io Reply

April 13, 2017

I have this problem (3) in the process of generating SSL certificate: Providing payload at http://www.xxxx.com/.well-known/acme-challenge/REfBSEEgrAEV8Tz3StJ44GU15UsrhCbAGsT6u9YvC9U Providing payload at http://xxxx.com/.well-known/acme-challenge/FiX5I3YY_p_wcKDyXyjI3dJRcV-AuFtEPSMBLn6z2Ok selfVerify failed, please check http://www.xxxx.com/.well-known/acme-challenge/REfBSEEgrAEV8Tz3StJ44GU15UsrhCbAGsT6u9YvC9U. selfVerify failed, please check http://xxxx.com/.well-known/acme-challenge/FiX5I3YY_p_wcKDyXyjI3dJRcV-AuFtEPSMBLn6z2Ok. Kelunik\Acme\AcmeException: Issuance failed, not all challenges could be solved. in /home/uxxx/acme-client/src/Commands/Issue.php:104 ¿Can anyone help me?

    Author

    Rabins Sharma Lamichhane

    Replied on April 13, 2017

    Seems like you already installed SSL certificate. Sometimes when you have installed for the main domain but not installed for sub-domains and now you like to install on other domains or the main domain again. In this case while verifying the payload it forces via https but it should be load via http to be verified. But when you try opening http it forces to http and it becomes impossible to verify. Solution: Delete the Certificate via Hostinger members area and try running the command again. And now after verification install the certificates via same member area.

Author

Sekander Badsha Reply

April 13, 2017

Thank you. I have just installed SSL on my personal blog. My blog has a shared hosting from Name Cheap

Author

Gabriel Reply

April 13, 2017

Thank you very much, it helped me a lot, now my domain is https://myweb.com . The problem now is when I try to test my web throug gtmetrix, it gives me this error: “Analysis Error The SSL certificate for this site is not trusted in all web browsers You may have an incorrectly installed SSL certificate. Check your SSL certificate at SSLShopper” Following the link it says: “The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. “ How could we solve this problem? Thank you very much!

    Author

    Albert

    Replied on April 13, 2017

    Same problem here! did you find out what to do?

      Author

      Lucas Bustamante

      Replied on November 13, 2017

      Same here!

        Author

        Lucas

        Replied on September 16, 2019

        Same problem. Any solution ?

Author

Gerardo Castro Reply

April 13, 2017

Great tutorial, everything work fine! Thanks!

Author

msd Reply

April 13, 2017

Very Good! Thanks.

Author

Max Reply

April 13, 2017

Thank you for this really good guide.

Author

Jimmy Ahyari Reply

April 13, 2017

Thanks for awesome detail tutorial to install lets encrypt on shared hosting. Suppperrrb (y)

Author

Muhamad Reply

April 25, 2017

hy, thanks for the good post, i followed the step but i'm failed in step 3, in the comand php bin/acme issue..., please advice how i fix that, thanks before

    Author

    Domantas G.

    Replied on April 26, 2017

    Hey, Do you get any errors? If so, please provide exact error message here.

Author

Cameron Reply

May 08, 2017

I made a script that will automate this for you, mostly . . . Still trying to figure out the automation of the cpanel parts with their API https://gist.github.com/abstracted/58e80ba8633a72d5abe03147717879a6

Author

Tony Cervantes Reply

May 14, 2017

Hello! I have an issue with SSL, I've programmed a CronJob in my hostinger panel, but the certificate didn't renew automatically, so now my site is an insecure site. I've tried as well to delete the certs but I couldn't. I don't know what to do now because I can't install a new certificate in my site. I need your help or if hostinger have spanish support to install SSL and renew them or delete. I hope I've been explained. Greetings!

Author

Jack Reply

June 16, 2017

Hi After completion of the SSL following your instructions here, all seemed fine. However, once I viewed my site via the secured https protocol, all contents were blocked. Kindly advise what needs to be done. Do I need to remove the site and re-FTP the entire site? Thanks.

    Author

    Domantas G.

    Replied on June 16, 2017

    Hey, Most likely assets (images, css, etc) are still loaded via http instead of https on your site. If you are on WordPress, see this tutorial on how to properly move from http to https.

      Author

      Juan Reyes

      Replied on June 19, 2017

      Hi, it's a great tutotrial. But does it work for a free account? Can a free account user change from http to https?

        Author

        Domantas G.

        Replied on June 20, 2017

        Hello, Unfortunately, it will not work on a free account. However, we offer free SSL with out of the box install for our paid clients. Find out more https://www.hostinger.com/free-ssl-certificate

Author

Luis Reply

June 29, 2017

Dear, I am Hostinger Brazil client, I are I followed every step. However, my fullchain.pem is always generating two certificates. And the key.pem file is only generating a private key. I try to put one of the two certificates with the unique private key, in the install part of the SSL certificate panel. But it is always generating error in any of the generated keys. My domain ends in xyz.

Author

ron michel Reply

July 08, 2017

does one turn off ssh after? also has anyone done this soley on an android. i shall attempt it, but think it is not able to be completed on android. alas monday will come tjen i can do it on windows. ps great guide, it has an easy to follow flow.

Author

Riyad Reply

July 12, 2017

What will happen if make a symlink?? ln -s /home/x123011738/acme-client/data/certs/acme-v01.api.letsencrypt.org.directory/yourdomain.com/cert.pem /home/x123011738/ssl/certs/ssl.crt remove the original file and make a symlink with letsencrypt. will it work??

    Author

    Domantas G.

    Replied on July 16, 2017

    Hey, You cannot create symlinks on shared hosting, unfortunately.

    Author

    Linas Jusys

    Replied on August 01, 2017

    Use cronjob to `cp -rf` updated certificate each time you renew it. Using acme-client.

Author

Fabiano Sarmento Reply

July 21, 2017

I installed the SLL certificate on my site and everything went well however when I access the link using HTTPS all web browsers issue an alert that the site is not secure. What can be done about it?

    Author

    Domantas G.

    Replied on July 28, 2017

    Hello, Most likely some of your resources are still loaded via http, you need to update all image, css, js links to https

Author

Paul Reply

August 03, 2017

I looked at some Youtube videos for other hosts. They had Let's Encrypt as a simple click option. Hostinger has many strengths - but I think you are behind on this one given SSL is so important you should make it easier to install.

    Author

    Domantas G.

    Replied on August 05, 2017

    Hey, As per tutorial "Hostinger, now offers cheap SSL certificates for a lifetime. It's worth to check this offer, if you are serious about the protection of your website and don't want to deal with tricky SSL installation and setup. "

Author

Abhinav das Reply

October 11, 2017

This works fine on other providers also. Thanx for your guide

Author

Leo Reply

October 17, 2017

Thank you sir, this is very easy steps

Author

Zee Reply

November 02, 2017

Nice article, I followed this tuts. But the green padlock doesn't appeared

    Author

    Domantas G.

    Replied on November 10, 2017

    Hey Zee, Make sure ALL resources are loaded via https. You will not get green padlock if images and scripts are loaded via http instead of https.

Author

Stefan Reply

November 07, 2017

I purchased premium pack shared hosting + SSL lifetime, but my website does not show HTTPS. What can I do for activate it ?

Author

Javier Reply

January 07, 2018

THANK YOU! Works like a charm!

Author

Hennadii Reply

February 02, 2018

Tell me please what the minimum PHP version should be installed in order to use this code?

Author

hkc Reply

February 13, 2018

I try to renewd the certificate using this, "php acme-client/bin/acme issue --domains yourdomain.com:www.yourdomain.com --path /home/x123011738/public_html:/home/x123011738/public_html --server letsencrypt", it shows the new expiry date, but in browser the date is not changed. Do I need to copy the Private Key and CRT everytime after renewal?

Author

manish Reply

February 14, 2018

"The certificate is not trusted in all web browsers." how to fix this ?

    Author

    Gediminas B.

    Replied on February 15, 2018

    Do you still encounter this issue? I have visited your website and it loads properly via HTTPS using 3 different browsers (Safari, Chrome, Firefox). In case it happens on a different domain, I would recommend trying a different SSL installation method. You can do it using this free tool. Last but not least, you could try to purchase our lifetime SSL certificate. You can set it up in just a few clicks and it will be automatically renewed for as long as you use our hosting services! ;)

Author

Max Reply

February 20, 2018

CRON keept returning these: Next Kelunik\Acme\AcmeException: POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz failed: Allowed transfer timeout exceeded: 15000 ms in /home/u436168250/acme-client/vendor/kelunik/acme/lib/AcmeClient.php:290 Any ideas how I could fix this?

    Author

    Domantas G.

    Replied on February 27, 2018

    Hey Max, Unfortunately, this tutorial is deprecated and we no longer support this method of installing let's encrypt.

Author

adamu musa Reply

April 17, 2018

This guide was little confusing but after reading and doing three times I succeeded in installing my SSL thanks

Author

Shahbaz Anshari Reply

November 19, 2018

Thanks for this great tutorial. I am searching for this for a long time, finally able to install the SSL on my website

Author

Federico Reply

December 17, 2018

Thank you very much! It's perfect

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Become a part of Hostinger now!

More in SSL
How to Force HTTPS

Close