How to Install Free SSL From Let’s Encrypt on Shared Hosting

Let’s Encrypt introduced free SSL certificates quite some time ago. It made possible for website owners to offer encrypted HTTPS connection for their visitors totally free of charge. Before Let’s Encrypt, the only way to get a valid SSL certificate was to purchase it from a seller.

Let’s Encrypt SSL certificate can be installed with just a few lines of code on a VPS or dedicated server, however, installation on shared hosting accounts is still a bit complicated (unless it uses cPanel).

Hostinger doesn’t yet have an auto-installer for Let’s Encrypt SSL certificates (we are working on this), but there is a workaround – it can be installed manually using ACME client written in PHP and composer.

This tutorial shows how to install free SSL from Let’s Encrypt on Hostinger shared hosting.

What you’ll need

Before you begin this guide you’ll need the following:

• Hostinger Premium or Business account.
• SSH client.

Step 1 – Enabling SSH Access

SSH access is required in order to install SSL on shared Hostinger account. By default it’s disabled, but you can easily enable it by following these steps:

1. Access Hostinger control panel and navigate to SSH section.
   
2. Click on Disabled to change status to Enabled. Hit Update button.
   
3. The page will refresh and you should see information required to connect via SSH. Write it down as you will need it in the next step.
   

Step 2 – Installing ACME client and Composer

We will use ACME client written in PHP and composer to generate Let’s Encrypt SSL certificate.

First of all, you will have to connect to your hosting account via SSH and download all required components. If you are running macOS or Linux, you can use terminal to connect via SSH, Windows users can take advantage of Putty SSH client.

1. Connect to your hosting account using SSH information from Step 1.3. In our example, it would be:
   ssh x123011738@31.170.164.22 -p 65002
2. Clone acme client from github repository. Cloning can be done by executing the following command:
   git clone https://github.com/kelunik/acme-client
3. Access ACME client directory:

   cd acme-client

4. Download and install the composer:

   php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"; 
   php composer-setup.php;
   php -r "unlink('composer-setup.php');";
   php composer.phar install --no-dev

Step 3 – Generating SSL Certificate

Once you have downloaded and installed ACME client and composer, you can proceed and generate free SSL from Lets Encrypt. Firstly, register an account by running this command:

php bin/acme setup --server letsencrypt --email your@email.com

The process of generating SSL certificate is pretty straightforward. Execute the following command:

php bin/acme issue --domains yourdomain.com:www.youdomain.com --path /home/x123011738/public_html:/home/x123011738/public_html --server letsencrypt

If certificate was issued successfully, you will see the following message:

Requesting certificate ...
Successfully issued certificate.
See /home/x123011738/acme-client/data/certs/acme-v01.api.letsencrypt.org.directory/yourdomain.com

ACME client generated certificate and private key files. Unfortunately, installation cannot be done via SSH due to security restrictions. Therefore, you first need to manually copy certificate and private key files to your computer. It can be done using simple copy / paste method. Firstly navigate to the directory where private key and certificate files are stored:

cd /home/x123011738/acme-client/data/certs/acme-v01.api.letsencrypt.org.directory/yourdomain.com

Use cat command to see contents of fullchain.pem file:

cat fullchain.pem

Copy the part marked in red and save it in a text file on your computer. Name the text file certificate.txt.

Now do the same with private key:

cat key.pem

Copy the private key (as shown in the screenshot) and save it in a text file as well. Name it privatekey.txt.

The hardest part is over. You can now proceed with the installation of SSL certificate.

Step 3 – Installing Certificate via Hostinger members area

At this step you should already have certificate and private key saved in txt files on your computer. The final step is to install SSL certificate on your hosting account. It can be done via SSL section:

1. Access Hostinger members area and navigate to SSL section.
   
2. Select the domain from the drop down menu for which you want to install SSL certificate.
3. Paste contents from certificate.txt to Certificate:(CRT) and contents from privatekey.txt to Private Key:(KEY) fields. Press Install button once you are done.
   
4. Once the installation is complete, you will see a success message.
   

That’s it, you have successfully installed free SSL from Let’s Encrypt on shared hosting account. Your domain name will now work via HTTPS protocol.

Step 4 – Checking expiration date and renewing SSL certificate

Let’s Encrypt SSL certificates are set to expire every 90 days. You can check its expiration date via SSH using the following command:

php acme-client/bin/acme check --name yourdomain.com --server letsencrypt

You can also try to automatically renew Let’s Encrypt SSL certificate with a cron job. For example, in order to automatically renew SSL certificate, you can set cron job to run the following command every other month:

php acme-client/bin/acme issue --domains yourdomain.com:www.yourdomain.com --path /home/x123011738/public_html:/home/x123011738/public_html --server letsencrypt

On Hostinger, cron jobs can be created on Advanced Cron Jobs section. You can use the following settings:

 

• Common Option(s) – Once a month (0 0 1 * *)
• Minute(s) – :00 top of the hour (0)
• Hour(s) – 12 a.m. Midnight (0)
• Day(s) – 1st (1)
• Month(s) – Every other month (*/2)
• Weekday(s) – Every weekday (*)

Conclusion

Let’s Encrypt SSL certificates are great if you want to run your websites on HTTPS but don’t want to invest any money. This tutorial intended to show you a workaround you can use to install free SSL from Let’s Encrypt on shared hosting account.