Setup FREE Let’s Encrypt SSL on Namecheap Using ACME.SH in cPanel

by admin admin SSL Comments (0)

1. Setting up acme.sh in cPanel.

Login to your cPanel account via SSH:

ssh -l _CPANEL_USERNAME_ -p _SSH_PORT_  _SSH_ADDRESS_

Install acme.sh with the following command:

curl https://get.acme.sh | sh

Log-off and login to SSH again, or run the following command:

source ~/.bashrc

Register a Let’s Encrypt account with your email, so you can be notified of any renewal issues:

acme.sh --register-account --accountemail email@example.com

And confirm that acme.sh has setup a cron job for automatic renewals:

crontab -l | grep acme.sh

# The above command should output something like the below:
10 0 * * * "/home/_CPANEL_USERNAME_/.acme.sh"/acme.sh --cron --home "/home/_CPANEL_USERNAME_/.acme.sh" > /dev/null

 

2. Issuing a test certificate for your domain.

We will use the webroot method, which requires you to enter the document root of your domain. The webroot for your main domain is ~/public_html, but addon domains and subdomains will be located in other directories.

(Click to see how you can locate the webroot for a domain using the uapi command) 
uapi DomainInfo single_domain_data domain=_EXAMPLE.COM_ | grep documentroot
EX:uapi DomainInfo single_domain_data domain=tuts.raihanchow.com | grep documentroot

Go to

cd ~/tuts.raihanchow.com

Try issue a test certificate now:

acme.sh --issue --webroot ~/public_html -d _EXAMPLE.COM_ --staging
EX:acme.sh --issue --webroot ~/tuts.raihanchow.com -d tuts.raihanchow.com --staging

If this domain has alias/parked domains, include those with additional -d parameters, such as:

acme.sh --issue --webroot ~/public_html -d example.com -d www.example.com --staging
EX:acme.sh --issue --webroot ~/tuts.raihanchow.com -d tuts.raihanchow.com -d www.tuts.raihanchow.com --staging

Ensure that this step is successful. If you encountered an error, ensure that the webroot is correct, or try to run acme.sh with --debug 2 for further information.

3. Issuing a real certificate for your domain.

Use the same parameters as for your test certificate, except replace --staging with --force:

acme.sh --issue --webroot ~/public_html -d _EXAMPLE.COM_ --force
EX:acme.sh --issue --webroot ~/tuts.raihanchow.com -d tuts.raihanchow.com -d www.tuts.raihanchow.com --force

This re-issues the certificate as a real, trusted SSL certificate, rather than a test one from the staging environment.

4. Installing your certificate to your cPanel account.

After issuing the real certificate, we need to tell acme.sh how to install it to our domain, so it can automatically perform that task at every renewal.

acme.sh --deploy --deploy-hook cpanel_uapi --domain _EXAMPLE.COM_
EX:acme.sh --deploy --deploy-hook cpanel_uapi --domain tuts.raihanchow.com --domain www.tuts.raihanchow.com

This should result in a success message:

[Tue Aug  6 03:56:25 EDT 2019] Certificate successfully deployed
[Tue Aug  6 03:56:25 EDT 2019] Success

You should now be able to visit your domain in your browser and see that it is protected by a Let’s Encrypt certificate.

Please note, this will only deploy to a single virtualhost in your cPanel account. For other addon and subdomains, you should create separate certificates..

Reference: https://github.com/acmesh-official/acme.sh/wiki/Simple-guide-to-add-TLS-cert-to-cpanel

 

 

——- Domin varify issue problem resolve ——–

Please update your server to serve the following file at this URL:
--------------
URL: http://test.example.com/.well-known/acme-challenge/_bpFRhpfEVHktwEVdjmdCtVcF5MZ7qRvcn--uZwPKzM
File contents: "_bpFRhpfEVHktwEVdjmdCtVcF5MZ7qRvcn--uZwPKzM.Nh8mz3FnS03KxkGXN4_Cj9j9vcw4wXcZm0Z25CW6Ttw"
--------------

Notes:
- Do not include the quotes in the file.
- The file should be one line without any spaces.

Press Enter when you've got the file hosted on your server...

you need to create in .well-known/acme-challenge/ in /home/cpanel_user/test.example.com and paste the file content in _bpFRhpfEVHktwEVdjmdCtVcF5MZ7qRvcn–uZwPKzM

mkdir -p /home/cpanel_user/test.example.com/.well-known/acme-challenge/


echo "_bpFRhpfEVHktwEVdjmdCtVcF5MZ7qRvcn--uZwPKzM.Nh8mz3FnS03KxkGXN4_Cj9j9vcw4wXcZm0Z25CW6Ttw" > /home/cpanel_user/test.example.com/.well-known/acme-challenge/_bpFRhpfEVHktwEVdjmdCtVcF5MZ7qRvcn--uZwPKzM

After you done it for all your subdomains you can go and install it your namecheap hosting cpanel. You can use this link for

Letsencrypt for Nonsudo

https://gist.github.com/Shourai/bfd9f549a41c836c99c0c660c9271df6

Leave a Reply

Your email address will not be published.