#ssl #zerossl #security #godaddy
In this tutorial I will show you how to install a free SSL for your website via GoDaddy’s CPanel issued by ZeroSSL that’s valid for 3 months. I will use one of my websites to display the process. I will use ZeroSSL because it’s one of the issuing authorities recommended by Stripe. I needed to renew the SSL anyway, so might as well share the process that I found a little challenging to understand due to the lack of clear step-by-step instructions.
What you will need:
- A GoDaddy account with access to CPanel
- A domain name that you have already registered and that’s under GoDaddy’s management
- Access to your domain’s folder
I will show you how this is done on my Mac, but the process will be identical on your PC. It may look slightly differently but the steps will be the same.
Go to https://zerossl.com and select “Online tools”
Select FREE SSL Certificate Wizard (Click “Start”)
- Enter your email (optional),
- Enter domain.com + www.domain.com (no http:// or https://)
- Accept terms & conditions and select HTTPS mode
Your screen should look something like this:
Click next. You will see CSR generated in the right field. Domains will have disappeared, but don’t worry about it. Basically, don’t change anything on this screen and simply download the CSR by clicking the download icon or copy-pasting the certificate request’s text to a text file.
Click next to let ZeroSSL generate your account key. Download it or copy-paste the content to a text file.
Click “next” to proceed to the domain verification screen. Download the two files, they’ll be saved to your computer’s Download folder in .txt format. We will fix that later.
In GoDaddy, go to CPanel’s file manager. GoDaddy has recently updated the look of their CPanel, so I’ll share with you UX for an updated version. The location of the File Manager link may be different depending on your CPanel setup.
In your file manager, locate your project’s folder in public_html or go to your project’s subfolder in case you have multiple websites managed by one account. You can do it by typing “public_html/yourdomainfolder” and clicking the “Go” button in the top left section of your screen:
That will open your website’s folder. Here, create a new hidden folder that will be called “.well-known”. In order to do that, click on the “+ Folder” button as in the image above.
The folder is invisible so in order to access it you’d need to type in the address manually in a field in the top left section of your screen. To open the folder, add “/.well-known/” to the full folder address and click “Go”:
Create another folder “/acme-challenge/” inside “.well-known” using the instructions above. This folder will be visible within your “.well-known” folder, but you can always access it directly by typing the following address in the very same tool in the top left corner of your screen: “public_html/yourdomainfolder/.well-known/acme-challenge”
Upload the 2 files that you downloaded from ZeroSSL to /acme-challenge/ folder (NOT to the /.well-known/ folder! Open the /acme-challenge/ folder and upload your 2 files there). They will be in .txt format. They will look something like this in your Mac’s upload window:
Change names of the files to delete the .txt ending. In order to do that, select a file in your CPanel’s file browser and click on the “Rename” button in dashboard. Don’t open or edit the files, just rename them and delete the .txt ending:
As a result, you should have two files without any extensions. Once you’re sure that the names have been changed, return to ZeroSSL. In ZeroSSL, click “continue” to receive verify ownership of your domain. If you followed the steps above correctly, you will see a happy confirmation screen:
Ignore the top part of the screen, scroll down and download two more files (certificate and RSA key).
Your job is almost done. In GoDaddy’s panel, open CPanel Admin and search for the “SSL/TLS” tool. You can do it by clicking Command + F and typing “SSL” to find the relevant section of the screen faster. Select the link that just says “SSL/TLS”:
Open the SSL/TLS page. It should look something like this:
Open “Private Keys (KEY)” page. Scroll down to a section that says “Upload a New Private Key.”
On your computer, open a file “domain-key.txt” that you downloaded earlier from ZeroSSL.
Please, ensure that you open the right file as there’s a file with a similar name “account-key.txt”. DO NOT use the file “account-key.txt”, DO USE the file “domain-key.txt”.
Copy-paste the content of your file into the field that “Paste the key into the following text box”. Add description such as “yourdomain.com www.yourdomain.com” to be able to easily identify the key later. Click “save” to save your key.
You should receive a success message:
Click “Go back”, scroll down to the end of the page and click on “Return to SSL Manage” link, then go to the Certificates (CRT) page. Delete any of the old certificates for your domain.
Scroll down to the “Upload a New Certificate” section and copy-paste the content of your “domain-crt.txt” file. For some odd reason Mac may at times insert the certificate’s text two times, so please ensure that your field begins with “ — — -BEGIN CERTIFICATE — — -” and ends with “ — — -END CERTIFICATE — — -” without these lines repeating in the middle of the field. If you accidentally insert the certificate’s text two times, the entire process will fail.
If you inserted your certificate correctly, you will see the following info about your certificate automatically identified:
If you see a similar message above, add some description (for example, just insert the name of your domain) save the certificate. If you do not see the message above, check that you copied data from the correct file (domain-crt.txt) and that you didn’t accidentally insert the text more than once.
Now, return to the SSL/TLS page. Open the “Install and Manage SSL for your site (HTTPS)” page. You will see a bunch of certificates installed by GoDaddy by default. Check to see if your domain is there and delete the relevant entry if it is on the list. The issue is that GoDaddy’s certificates are often not recognised by payment platforms.
Next, scroll down to the “Install an SSL Website” section and select your domain from the list. Click the “Autofill by domain” button. If you executed all of the steps above correctly, you will see all of the fields being filled automatically. If the fields did not get automatically filled, you made a mistake in one of the previous steps. Repeat all of the steps above, clearing all of the old files and certificates.
If everything was executed correctly, you will see a screen similar to this:
If you see a screen similar to the one above, scroll down to the end of the page and click on the “Install Certificate” button. You will receive a success message similar to this one:
Don’t forget to repeat these SSL installation steps every 3 months as ZeroSSL only issues certificates valid for 3 months. It’s not ideal, but it’s perfect for your startup projects. It’ll save you up to $500, so go ahead and pet yourself on a head as you’ve just done a very cool thing. Don’t bother contacting GoDaddy’s tech support for assistance as they’re useless when it comes to any topics that are above the basic level.
As always, keep rocking it hard! Let me know if you’d like to see more tutorials.
